AssemblyLine – Decompressing CaRT Files, Download Submission
All submissions in AssemblyLine are stored in CaRT-encoded format. This guide will help you decompress CaRT files and download submissions from AssemblyLine.
When you get errors during submissions, run into performance issues, or run below the minimum requirements, you will need the AssemblyLine Performance Troubleshooting guide.
GitHub Exfiltration Indicators will help you in your threat hunting for data exfiltration from your organization, or to monitor / block the platform.
The Basis Technology Autopsy Usage Guide covers easy usage steps, so you can quickly start analyzing your data sources after you have installed and configured Autopsy.
After you have installed Autopsy, you will need the Autopsy Ingestion Modules Configuration to fully unleash the power of this application.
This guide provides installation steps for Autopsy and its plugins. Basis Technology Autopsy is a complex forensics system based on The Sleuth Kit.
You can use SysInternals Sigcheck for a VirusTotal Offline Scan on a computer without internet access. Sigcheck can send more than 500 files a day to VT.
This guide will help you use Didier Stevens' virustotal-search Python script to bulk-check file hashes with VirusTotal using a VT Public API key.
There are several issues with exporting CSV or XLSX from Basis Technology Autopsy, mainly for large data sets. This post provides 3 ways to export sheets.
CrowdStrike Adversary Hunt CTF 2021 took place between 18.01 – 29.01, and this is our Space Jackal – The Proclamation Writeup (Bootloader Debug) only.