The DFIR Report’s Post

"deep searching flags" I'm a big fan of the #CTF life. I enjoy getting to learn more ways to find and do various things related to cyber security. this one will definitely be a great way to gain experience at extracting and gathering information from mobile file dumps. if you're a #digitalforensics professional, hobbyist, or just want.to check out forensics, definitely give this a shot! See you on the leaderboard! #ios #iosforensics #android #ansroidforensics #learning

Check out the latest installment of DFU Talks from Cellebrite, Jared Barnhart, Jesse M. Lindmar, and I talk about some of the steps and challenges faced with starting a DFU lab. Find the latest video here: https://lnkd.in/g2ga95Z9 #dfir #mobileforensics #digitalforensics #cellebrite #dfutalks

Cryptographic hashes are central to how IPFS works. Without a short, unique identifier like a cryptographic hash, content addressing wouldn't be possible. Learn about the important characteristics of hashes in our documentation: https://filec.org/4bCaRJG

Get advice from these three pros on how to set up your DFU lab. #digitalforensics #DFIR

In a CTF, you showcase your skills, but it's a controlled arena. With us, you get hands-on with genuine systems, facing actual real systems. Real-world systems present challenges that CTFs can't mimic. If you're still in the CTF bubble, you're missing the bigger picture.

A cyberpunk wild-west like scenario where different factions competed against one another for monetary benefits was the theme set around this year's HackTheBox CTF. My friends Kairos Tay, Wayne Chia, Galen Tay and I joined forces with a fellow CTF team, Yes But No, to compete. While we got nowhere near the top, this was a really engaging and educational CTF that helped me hone my web and pyjail skills. A Memcached command injection, an insecure gRPC server and a quantum teleportation challenge were my favourite challenges in this CTF. I have no idea if this is frowned upon in the CTF community, but my proudest moment was when I discovered a unintended solution to the quantum teleportation challenge, where I exploited a vulnerable `eval` call to achieve RCE. My thought process and how it exactly works can be found at: https://lnkd.in/g8U2mSkM Looking forward to more CTFs and learning more advanced exploitation techniques!

This Wednesday marks the conclusion of the #XAMN Pro "Turn the dials to 10" webinar series. It has been a pleasure presenting this series, focusing on key aspects such as planning, setting a digital strategy, and validating reported evidence. In the upcoming 3rd part, I will share details on how to participate in the mini CTF challenge. The winner will collect the sought after MSAB Challenge coin. This challenge pushes you to go beyond the "Find evidence button" and think outside the box to find the right answers. The difficulty of the challenge is intentional so don't expect an easy ride on this one. #DFIR examiners must possess the skills to investigate thoroughly, making the mini CTF an ideal platform to practice the skills needed to find evidence that can often be missed. Ready to test your skills? Sign up for Part 3 through the link below and get ready to step up to the challenge! https://lnkd.in/eeZaU-Ck #mobileforensics

A new feature in Farsight DNSDB Scout gives users the ability to automatically chase CNAME records to get to an IP address, providing another pivot point for investigators. If a threat actor uses infrastructure connected to CNAMEs, it tracks back to other domains or resolve to IP addresses. The ability to do this automatically means fewer steps for investigators. Learn more here: https://bit.ly/49nVMd7

🚨 [Cyber] Rrgen - A Header Only C++ Library For Storing Safe, Randomly Generated Data Into Modern Containers 👉 This library was developed to combat insecure methods of storing random data into modern C++ containers. For example, old and clunky PRNGs. Thus, rrgen uses STL's distribution engines in order to efficiently... https://lnkd.in/dPCG4Cat