Sunday, November 06, 2011

Lazy Sunday Reading

Thinking about setting up your own lab at home and not sure what tools to use? It can be daunting with the plethora of tools out there, and you could spend hours researching. Over at SecTools.org they listed the top 125 Network Security Tools, which could be a good place to look.

One thing I am lacking in my VM environment is servers and domain controllers, which is sad because PaulDotCom blogged about grabbing hashes from a live DC via Volume Shadow Copies (VSCs). VSCs seem to be a treasure trove of forensic information and a place for malicious code to lurk (see the video "Lurking in the Shadows" from Hack3rcon II). Both Rob Lee and Harlan Carvey have blogged about grabbing and parsing through VSCs.

Off to learn some PDF analysis. If you are looking to do your own analysis and need samples, try contagio.
While I am waiting to hear back about some issues I have had with Volatility (when I try the printkeys command it says it can't find the key, even when I did a hash dump and am staring at it) and with getting Yara to compile in Windows, I think I will post a video about PDF analysis with REMnux. I will also more than likely be trying out CamStudio.

Enjoy your Sunday... for us we have only 14 minutes left of it :) 
