digital forensic(28)
-
USBDeview
USBDeview: a tool for analyzing USB device information. http://www.nirsoft.net/utils/usb_devices_view.html To download: click the Download link at the bottom of the page. Direct download
-
[Windows Forensic] FAT: General Overview of On-Disk Format
Hardware White Paper. FAT: General Overview of On-Disk Format. Contents: Notational Conventions in this Document; General Comments (Applicable to FAT File System All Types); Boot Sector and BPB; FAT Data Structure; FAT Type Determ..
-
ZeroAccess, Volatility, and Kernel Timers
ZeroAccess, Volatility, and Kernel Timers http://mnin.blogspot.kr/2011/10/zeroaccess-volatility-and-kernel-timers.html As today is Volatility Friday, we'll discuss how to hunt ZeroAccess in memory by following the lead of several others and then writing our own custom plugin. I first want to recognize the work done on this topic by Frank Boldewin, Giuseppe Bonfa, and Marco Giuliani. They are the..
-
Runscanner - Running
Running it: run the exe file and click OK. The running screen! Click the Scan computer button. Analysis results
-
Runscanner-startup and hijack analyzer
Runscanner startup and hijack analyzer portable. Runscanner site: http://www.runscanner.net/ Download: click the Download link at the top > click the Freeware Download button. Direct download
-
Public process list-Runscanner
Check information on processes running in Windows. Public process list-Runscanner http://www.runscanner.net/filelist.aspx?l=a