A Venmo-themed phishing email delivers an ISO file containing VBScript that acts as a downloader for additional malware components fetched from Discord's CDN, leading to keylogging functionality on the infected system.
Maze Ransomware Analysis
Extracting Encrypted KPOT Malware Pushed via COVID-19 Malspam
Data Dump (dd) to Create a Forensic Image with Linux
There are a few Linux distributions designed specifically for digital forensics. These flavors contain examiner tools and are configured not to mount (or to mount as read-only) a connected storage
Extract GPS Coordinates from Digital Photos
How to use ExifTool to extract GPS coordinates from a digital photograph. Location services will usually have to have been enabled for photos on the device. Exchangeable image file format (EXIF) can be important
Crack Windows Passwords with Registry Hives
This guide walks you through capturing the registry hive files from a running Windows workstation, then using pwdump to extract the LM/NTLM hashes for cracking at CrackStation. Launch FTK Imager from USB. Go to
RAM Acquisition with FTK Imager and Volatility
This RAM acquisition guide works on all current versions of Windows, including Windows Server. However, not all Volatility commands are compatible with every version of Windows. Volatility is a CLI tool for