Posts

Featured

Windows Forensics Practice: Learning to use Autopsy

Learning the basics of investigating using Autopsy. I'm trying to get some experience using Windows forensics tools. The lab provides a forensic image that you have to import into Autopsy for analysis. Once imported, there are some questions to answer by using the tool for investigation.

1. What is the hostname of the user's machine?

I found the hostname by exploring the Operating System Information in the Extracted Content. Once selected, you can see the hostname is IE11WIN7.

2. Looking at EXIF data, what camera make was "Hack-Messages[1].jpg"?

After navigating to the EXIF data folder, you can see the camera make is shown to be a Canon.

3. In the IEUser's desktop there is a zip file; what is the token stored in the file in the zip archive?

After navigating to the IEUser's Desktop folder and selecting the Hidden.zip file, you can see the token located in the strings.

Latest Posts

Traffic Analysis Practise: IcedID & Trickbot

Practise Analysing Traffic and Writing an Incident Report

Vulnhub Metasploitable 1: Metasploit Practice for my Short Course Exam

CompTIA Pentest Challenge 2: Basic Brute Forcing Practice

CompTIA Pen Test Challenge 3: DNS Zone Transfer

Learning Dump: The Pentest Process

CompTIA Pentest Challenge 1: Super Basic Web App Testing Writeup