Cart
DojoHub
HomeBlog

Blog

Showing 1 - 10 of 12 results

Unlocking Windows Forensics: A Deep Dive into NTUSER.DAT Analysis

Introduction In the ever-evolving field of digital forensics, the Windows Registry serves as an indispensable repository of system and user...
  • DFIR
  • November 28, 2024
Read more

Unlocking Windows Artifacts: Key File & Folder Opening Evidence for Forensic Analysis

In digital forensics, identifying, collecting, and interpreting system artifacts is crucial for uncovering the truth behind user activity. Whether you’re...
  • DFIR
  • November 18, 2024
Read more

Detection as Code: Revolutionizing Cybersecurity with Automation and Precision

In today’s advanced threat landscape, Detection as Code stands out as a game-changing approach. By treating detection logic as code,...
Read more

Threat Hunting for OilRig (APT34): A Deep Dive for Threat Hunters

APT34, also known as OilRig, is a well-organized and persistent Iranian cyber espionage group that has been actively targeting organizations...
Read more

Case Study: Forensic Investigation into Suspected Data Exfiltration

When tasked with investigating potential data exfiltration by a former employee, I knew the process would involve meticulously examining digital...
  • DFIR
  • November 5, 2024
Read more

Crafting a Successful Incident Response Playbooks

Introduction In today’s threat landscape, security incidents are a certainty, and every organization must be prepared to defend its critical...
  • DFIR
  • November 3, 2024
Read more

How to Become a Successful SOC Tier 2 DFIR Analyst: Essential Skills and Strategies

Becoming a professional Tier 2 SOC analyst in Digital Forensics and Incident Response (DFIR) demands a comprehensive set of skills...
  • DFIR
  • November 2, 2024
Read more

GOAD Series Pt.1

Main project by Mayfly: https://github.com/Orange-Cyberdefense/GOAD This was fully tested only on a Windows 10 machine with 64GB of RAM. This may...
Read more

Understanding the DCShadow Attack: A Curious AD Threat

DCShadow is an advanced feature of the Mimikatz tool, specifically found in the lsadump module. This powerful attack simulates the...
Read more

Threat Hunting: From LOLBins to Your Crown Jewels

What are LolBins? “LolBins” or Living of the Land Binaries, is a term used to describe the exploitation of legitimate operating...
Read more

Categories

Archives
Tags
AD Attacks DAIR Digital Forensics Incident Response LOLBins Threat Hunting Windows Internals

Disclaimer

The materials presented on the website are not sponsored, endorsed, or affiliated with SANS, Microsoft, INE, or other logos mentioned here on the site. All logos are registered trademarks of these vendors in the United States and some other countries.

Upcoming Events

Most Popular Blog

From PICERL to DAIR: The New Incident Response Process with a Flexible Approach

May 17, 2024 No Comments
Read More »

Most Popular Course

  • Cybersecurity and IT Essentials

    GSEC

    GSEC Preparation (SEC401)

    Unlock the foundational knowledge and practical skills to defend against cyber threats with Cyber Dojo’s GSEC Preparation (SEC401) course. This course delves into the fundamental principles of computer and information security,...
    • 78 Lessons
    Start Learning

Important Links

@ 2023 Cyber Dojo. All rights reserved.

Connect with us