Forensics for beginners

28 May 2024 3 minutes Author: Lady Liberty

To study this science, we suggest paying attention to several repositories that collect tools, books, manuals and other useful material. You will find all this in today’s article.

Branches of forensics

Any science tends to split into smaller topics. Let's look at the branches forensics is usually divided into.

  1. Computer forensics – everything related to the search for intrusion artifacts on a local computer: analysis of RAM, the hard disk, the registry, operating system logs, etc.;

  2. Network forensics – as the name suggests, this covers research at the level of the network stack, for example capturing and analysing network traffic and detecting things of interest such as RATs, reverse shells, backdoor tunnels, etc.;

  3. Forensic data analysis – the analysis of files, data structures and binary sequences left behind after an attack or used during an intrusion;

  4. Mobile device forensics – everything related to the specifics of extracting data from Android and iOS devices;

  5. Hardware forensics – examination of equipment and hardware components. This is the least popular and the most difficult direction. It includes analysing low-level data (microcontrollers, firmware or BIOS) and checking particular device functions, such as the frequency range of a Wi-Fi transmitter or the internals of a skimmer installed in an ATM.

Adversary Emulation

Repositories with tools for emulating the actions of attackers, which allow testing the organization’s defense mechanisms.

Memory Analysis Tools

RAM analysis tools used to detect malicious code and other suspicious activity.

Incident Management

Repositories containing tools and techniques for managing security incidents, including detection, response, and reporting.

Communities

Communities and forums where experts share knowledge, experience and news in the field of forensics.

All-In-One Tools

Tools that combine various functions for complex forensic investigations.

Books

A collection of books that cover various aspects of forensics, from basics to specialized areas.

Timeline Tools

Tools for creating timelines of events that help visualize and analyze the development of incidents.

Disk Image Creation Tools

Tools for creating disk images, used to preserve data for later analysis.

Evidence Collection

Tools and techniques for gathering evidence from various sources such as computers, mobile devices and networks.

Videos

Videos covering lectures, webinars and demonstrations on various aspects of forensics.

Knowledge Bases

Knowledge bases on various aspects of forensics, including articles, studies and white papers.

Linux Distributions

Specialized Linux distributions designed for forensic investigations.

Other Tools

Tools that do not fall into other categories, but are useful for conducting forensic investigations.

Playbooks

Guides and step-by-step procedures that describe how to respond to different types of security incidents.

Scanner Tools

Tools for scanning systems and networks for vulnerabilities and suspicious activity.

Log Analysis Tools

Tools for analysing logs that help detect suspicious activity.

Windows Collection

Tools and techniques for gathering evidence from Windows systems.

OSX Evidence Collection

Tools and techniques for gathering evidence from macOS systems.
