Hello guys. I am a researcher related to cybersecurity. Many people realize the weight of the word ransomware. I will explain how people recover a file if they are infected by ransomware. No worries. This posting concept no has any source code behavior. I will describe it as if it were a real-time recovery. The purpose of this article is to let you know that even people who are not used to compu..

I wrote two versions Eng and Kor. I solved this challenge with two methodologies. Now, I wrote an English version (Methodology #1). The methodology #2 drafts are not started yet. Coming soon. English Version: https://sangsoo-lab.notion.site/Eng-ver-CodeEngn-Mobile-App-L01-First-Methodology-ab096b2bd05c4f79b16ac5a2e21233bd Eng ver. [CodeEngn] Mobile App L01 First Methodology This posting is revea..

보호되어 있는 글입니다.

https://sangsoo-forensic.notion.site/cyberdefenders-MrRobot-fa7b8ceb297e470fa65d033b5d893a11

Keyword: Memory Dump The investigator gained one dump file. The table shows the default option is below related to the dump file. The Result of the NtMajorVersion is 10. In other words, the system is working on Windows 10 OS. Kernel Base 0xf8002ec04000 DTB 0x1ab000 Symbols file:///home/kali/Desktop/volatility3/volatility3/symbols/windows/ntkrnlmp.pdb/D788F72ABE964EFCACAAD0276DAAE6CB-1.json.xz Is..

Hello guys. Welcome to my IR practice room. Today, I solved one problem 'Insurance' located in incident-response-challenge.com. Actually, you can get a flag easily. I had many questions about this challenge. Hence, I conducted a detailed analysis myself. While conducting the analysis, there was a lot of new knowledge and it was a good time to use the knowledge I had known before. The person who ..