Guidelines to Become a Security Architect

As the use of technology expands, the need for security architects grows.  Security architects use an array of technological expertise to minimize security risks for their clients.  They focus on security domains such as physical security, risk management, application development, and network security.  Their goal is to remedy security breaches by formulating big-picture solutions and […]

Tools Used for Windows Registry Analysis

An assortment of third-party utilities come in handy when analyzing registry contents, many of which provide unique kinds of functionality. Reg Ripper, an open source tool developed in Perl, allows the FE to parse registry information at a granular level. For example, Reg Ripper’s plugins give the FE specific commands to invoke in the CLI, enabling […]

Command Line Arguments for Windows and Investigations

Investigators have a diverse number of command line arguments at their disposal when analyzing Windows operating systems. The netstat command reveals an inventory of connections on the local machine. For example, it displays the default loopback address as 127.0.0.1. Though the output generated by this command alone can be too vague to have evidentiary value, […]

Paladin 7 – An OS for Forensics

Paladin 7 is a Linux-based operating system that consolidates a wide array of forensic tools for investigations.  For general demands, Paladin features a LUI terminal through which numerous applications and commands can be invoked.  It also offers a general Paladin toolkit that includes imaging utilities like DC3DD, DCFLDD, etc.  Additionally, Paladin furnishes Autopsy 4 as a […]

Malware Analysis: Zeus

A myriad of nefarious software has been designed to threaten business infrastructure. For example, the malware dubbed “Zeus” uses a man-in-the-middle attack to carry out malicious activity. As a program often used to steal corporate online credentials, it exhibits a high degree of complexity. It displays polymorphism, which allows it to change form and bypass detective controls. To exfiltrate […]

Tools for Malware Analysis

Security analysts and forensic investigators construct toolboxes for malware analysis with a host of various tools. Applications used for malware examination include procmon.exe, VirusTotal, Dependency Walker, BinText, Wireshark, and Strings. Together, these programs provide a fairly comprehensive set of capabilities for use in a malware analysis toolkit. With procmon.exe, an analyst can observe a readout […]

Case Study on Anti-Forensics

Generally speaking, competition almost always consists of an interaction between moves and countermoves. This pattern can be found in almost all forms of conflict, extending to game theory, business, politics, war, law, and even crime. In the field of information security, this trend continues as users implement advancing procedures and technologies to gain an edge over […]