T3K.AI’s Post

A little teaser about what we have been working on for extracting Tor Browser Bookmark information, which will be used in our new Dark Web Host Based Forensics course that goes live in 2025. (Will probably work for Firefox too but not tested) #dfir #Darkweb

[CVE-2024-9913: HIGH] Critical vulnerability in D-Link DIR-619L B1 2.06 (formSetRoute) allows remote attackers to trigger a buffer overflow via manipulation of the argument curTime in /goform/formSetRoute, potentially leading to exploits. Take caution! https://lnkd.in/eKY775T4

This writeup is from @bitsctf2024. The category is digital forensics where we were required to use volatility tool to get the nthash and then crack it using online tools.

SQL Vulnerability is a real threat in today's digital landscape. However, the good news is that proactive security practices can help us create a secure environment for everyone. Kudos to Michelle Perna for posting about this important issue. By prioritizing responsible vulnerability disclosure and fostering a culture of security awareness, we can make significant strides towards a safer cyber world. Let's continue to work together to stay one step ahead of potential threats. #securityawareness #proactivesecurity #vulnerabilitydisclosure

Up Up Down Right Left...🎮 You're using the wrong cheat code to rapidly transform threat intelligence into validated protections in your XDR ➡️ Press Start for a preview of what's to come from Prelude at #RSA2024. https://hubl.li/Q02sVMPN0 [P] #threatintelligence #detectionengineering #threatdetection

Today I dug into Autopsy while prepping for BTL1. This is a powerful tool for Disk Analysis. It exposes a user's online journey through Browser Artifacts, Hidden Files, OS Account information, Emails, Timelines, LNK File analysis, EXIF, Registry and File System, Websites visited, Files Downloaded. That's just scratching the surface...it is pretty powerful. Better yet it's free, so check it out.

What is the term for a fake Wi-Fi network set up to trick users into connecting to it? A) Evil Twin B) Rogue Access Point C) Man-in-the-Middle (MitM) attack D) Wi-Fi Sniffing

Day 39: Digital Forensics on TryHackMe Scenario: Gado, a cat, has been kidnapped, and the kidnapper sent a ransom request in the form of an MS Word document. Response: The document was converted to PDF format, and the image from the original Word file was extracted and made available in the attack box for easier analysis. I used the program pdfinfo to read the metadata from the PDF. This tool displays various information such as the title, subject, author, creator, and creation date. Next, I extracted all the EXIF data from the image by running exiftool on the attack box. The EXIF data revealed GPS coordinates, which I then searched on an online map. The coordinates pointed to the street where the photo was taken. #DigitalForensic #TryHackMe

Need to get certified in mobile forensics quickly? We’ve got you. Our CCME Fast Track will get you up to speed on using Cellebrite’s UFED technology and PA in just 10 days. Here’s how to register ➡️ http://ms.spr.ly/6045lzLQ5

First time using FTK imager for mem dumps in BTLO Digital Forensics section. Pretty cool stuff 😎 , does anyone have any tips/advise that would help with efficiency or general best practices in digital forensics?