darkcybe

Python Overview

Python is an easy-to-understand, interpreted programming language that is commonly used across the cybersecurity community. Data Types Integers and Strings Integers are set without quotation and ...

Building SIFT Workstation on Ubuntu 20.04 LTS

The good folks at SANS Institute have put together and maintain a pre-configured collection of tools to assist DFIR analysts in their war against the cyber baddies. If you’ve taken one of SANS DFIR...

Reconnaissance

Overview Gathering information on target infrastructure, operations, and personnel. Reconnaissance consists of techniques that involve adversaries actively or passively gathering information that...

Nmap

“Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network invento...

PeCmd

Overview PECmd is a command line tool developed by Eric Zimmerman to process Prefetch files (.pf) on Windows operating systems, identifying items such as: Volume information Files and Direc...

Cybersecurity Risk Frameworks

Cybersecurity Risk and Risk Management Cybersecurity risk refers to the potential for harm to an organization’s assets, such as data, systems, and networks, as a result of cyber threats. Cyber thr...

Ethical Hacking Overview

Using any tools, tactics, or techniques mentioned in this repository on infrastructure that you do not own or do not have express permission to perform tasks on is strictly prohibited. Such acti...

Evidence of Network and Browser History

Techniques that can be used to discover evidence in support of an asset's physical location, network connectivity and web browser history post-breach. More useful in investigation relating to inside...

Evidence of Lateral Movement

Techniques that can be used to discover evidence in support of lateral movement through a network using various techniques. Windows Remote Desktop Protocol (RDP) Usage Track RDP logins between re...

Evidence of File and Folder Interaction

Techniques that can be used to discover evidence in support of an attacker's interaction with files and folders such as search, deletion and opening post-breach. Windows XP Search (ACMRU) A wide v...