Background Information
Recomendet reading:
Microsoft: How NTFS Works
Greyscale Reasearch: NTFS forensics
Fight against Phase 1 Fight against Phase 2 Fight against Phase 3 Fight against Phase 4 IOC sharing Find random generatet URL's APT Simulator to test your capabilities CyCON 2019 Secure your Microsoft software Password's Cyber Threat Intelligence OSINT Information gathering Malware analysis Equation MISP Forensic
Attack Mobile phones Windows machine
Splunk Incident response Motivation 1st responder actions Tools $MFT related Memory Harddisks SIFT - Memory Analysis Xplico action Windows artefacts
Linux machine PDF Tools'n links MS Word docx using Autopsy Bitscout - The Free Remote Digital Forensics Tool Builder