Collect-MemoryDump - Automated Creation Of Windows Memory Snapshots For DFIR

Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR Collect-MemoryDump.ps1 is PowerShell script utilized to collect a Memory Snapshot from a live Windows system in a forensically sound manner. Features: Checks for Hostname and Physical Memory Size before starting memory...

SwishDbgExt - Incident Response & Digital Forensics Debugging Extension

SwishDbgExt is a Microsoft WinDbg debugging extension that expands the set of available commands by Microsoft WinDbg, but also fixes and improves existing commands. This extension has been developed by Matt Suiche @msuiche – feel free to reach out on [email protected] ask for more features,...

Hundreds of Millions in Digital Currency Remains Frozen

Between $150 million and $300 million in digital currency called ether remains inaccessible today after a user said he “accidentally” triggered a vulnerability that froze the funds in the popular Parity wallet. Parity Technologies issued an advisory warning users about the flaw in the Parity Wall...

Petya Is Not Ransomware, It's a 'Wiper'

The outbreak of the ExPetr malware isn’t a ransomware attack, but more precisely, it’s a wiper attack that sabotaged PCs globally, overwriting their Master Boot Record forever. That’s the analysis of security experts from Kaspersky Lab and Comae Technologies who shared their latest research on th...