Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/kanglib/edu_for
A cheat sheet for digital forensics :blush:
https://github.com/kanglib/edu_for
digital-forensics forensics
Last synced: 25 days ago
JSON representation
A cheat sheet for digital forensics :blush:
- Host: GitHub
- URL: https://github.com/kanglib/edu_for
- Owner: kanglib
- Created: 2017-06-29T10:41:25.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2017-08-28T09:45:13.000Z (over 7 years ago)
- Last Synced: 2024-08-03T23:08:32.203Z (4 months ago)
- Topics: digital-forensics, forensics
- Size: 43.9 KB
- Stars: 4
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-security-collection - **2**星
README
# edu_for
A cheat sheet for digital forensics :blush:
## Memory forensics w/ Volatility
* [Download](http://www.volatilityfoundation.org/releases)
* [Command reference](https://github.com/volatilityfoundation/volatility/wiki/Command-Reference)
* Malware Triage
#### Exercises
* Where is Malware?
* Memory_easy
* Infected Memory
## File system forensics
### MBR
* [MBR structure](https://en.wikipedia.org/wiki/Master_boot_record)
* [Partition types](https://en.wikipedia.org/wiki/Partition_type)
* [MBR examination](http://thestarman.pcministry.com/asm/mbr/STDMBR.htm)
### FAT
* [Specification](http://download.microsoft.com/download/1/6/1/161ba512-40e2-4cc9-843a-923143f3456c/fatgen103.doc)
* [FAT on NTFS.com](http://www.ntfs.com/fat-systems.htm)
* [FAT volume structure](http://thestarman.pcministry.com/asm/mbr/MSWIN41.htm)
#### Exercises
* [Saturated FAT](https://github.com/kanglib/edu_for/raw/master/saturated.zip)
### NTFS
### HFS+
### Android
## Further reading
* [Deus ex machina](https://lmgtfy.com/)