DeepFake Forensics AI: A Multi-Modal Detection and Blockchain-Anchored Evidence Management Platform
The proliferation of AI-generated synthetic media poses a critical threat to the integrity of digital evidence in legal and forensic contexts. Existing deepfake detection systems typically address a single modality and provide no mechanism for tamper-proof evidence preservation. We present DeepFa...
Autopsy 4.23.1
Autopsy is the premier end-to-end open source digital forensics platform. Built by Sleuth Kit Labs with the core features you expect in commercial forensic tools, Autopsy is a fast, thorough, and efficient hard drive investigation solution that evolves with your needs...
Evidence at the Moment of Attack. Answers at AI Speed.
Wiz Sensor Forensics is now generally available - automatically capturing forensic artifacts at the moment of detection and using AI to accelerate investigation for SOC and IR teams...
HunterAgent: Neuro-Symbolic Attack Trace Reconstruction under Anti-Forensics
Modern alert-triage systems reduce SOC burden by filtering false positives, but flagging a high-risk alert is only the start of incident response. Threat hunting requires reconstructing causal attack chains across heterogeneous, partially corrupted logs. Against APTs using anti-forensics parent-P...
Do You Dare to Try Test-Driven Forensics? Increasing Trust in Desktop Forensics with ADARE
Digital forensic relies on validated tools and established procedures, yet the underlying operating systems, applications, and analysis tools evolve rapidly. This evolution can cause artifact behavior and tool outputs to drift, silently degrading repeatability and confidence in long-lived forensi...
GHSA-JF2Q-463C-6F52 androidqf: Zip entry Name Injection in APK bundle (Zip Slip for zip consumers)
Summary: generateZipPath constructs zip entry names for collected APKs using device-controlled content from extractFileName. Since extractFileName does not reject traversal sequences, the resulting zip entry name can contain ../. AndroidQF itself does not extract the zip it creates, but any forens...
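The advisory's point is about the consumer, not the producer: a forensic tool that unpacks an androidqf bundle must treat every entry name as attacker-controlled. The following is an added example, not androidqf's code or a patch for it, showing the check such a consumer needs. The archive is constructed in memory (the real traversal entry name is not on the page), and `safeJoin`, `unsafeEntries` and `extractZip` are names chosen here.

```go
// Added example (not androidqf's code): treating zip entry names as untrusted
// input. Resolve each name under the destination and refuse anything that
// escapes it before a single byte is written.
package main

import (
	"archive/zip"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// ErrUnsafeEntry marks an entry whose name would resolve outside the destination.
var ErrUnsafeEntry = errors.New("zip entry name escapes destination directory")

// safeJoin resolves an archive entry name under dest. It rejects absolute
// paths, backslashes (a separator the zip format does not allow) and any
// name that, once cleaned, no longer sits below dest.
func safeJoin(dest, name string) (string, error) {
	if name == "" || filepath.IsAbs(name) || strings.Contains(name, `\`) {
		return "", ErrUnsafeEntry
	}
	cleanDest := filepath.Clean(dest)
	target := filepath.Join(cleanDest, name) // Join cleans, so "a/../../x" collapses
	if target != cleanDest && !strings.HasPrefix(target, cleanDest+string(os.PathSeparator)) {
		return "", ErrUnsafeEntry
	}
	return target, nil
}

// unsafeEntries scans an archive without extracting anything and returns the
// names safeJoin would reject. In a forensic pipeline this is a pre-ingest
// check: a bundle carrying traversal names is itself an artifact worth keeping.
func unsafeEntries(archive []byte) ([]string, error) {
	zr, err := zip.NewReader(bytes.NewReader(archive), int64(len(archive)))
	if err != nil {
		return nil, err
	}
	var bad []string
	for _, f := range zr.File {
		if _, err := safeJoin("probe", f.Name); err != nil { // relative probe dir, portable
			bad = append(bad, f.Name)
		}
	}
	return bad, nil
}

// extractZip writes the safe entries below dest and returns the names it
// skipped. Symlink entries are skipped as well: a link pointing outside dest
// followed by an entry written through it is the other half of the problem.
func extractZip(archive []byte, dest string) ([]string, error) {
	zr, err := zip.NewReader(bytes.NewReader(archive), int64(len(archive)))
	if err != nil {
		return nil, err
	}
	var skipped []string
	for _, f := range zr.File {
		target, err := safeJoin(dest, f.Name)
		if err != nil || f.Mode()&os.ModeSymlink != 0 {
			skipped = append(skipped, f.Name)
			continue
		}
		if f.FileInfo().IsDir() {
			if err := os.MkdirAll(target, 0o755); err != nil {
				return skipped, err
			}
			continue
		}
		if err := os.MkdirAll(filepath.Dir(target), 0o755); err != nil {
			return skipped, err
		}
		rc, err := f.Open()
		if err != nil {
			return skipped, err
		}
		// O_EXCL: a duplicate entry name overwriting an earlier one is refused.
		out, err := os.OpenFile(target, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o644)
		if err != nil {
			rc.Close()
			return skipped, err
		}
		_, err = io.Copy(out, rc)
		rc.Close()
		out.Close()
		if err != nil {
			return skipped, err
		}
	}
	return skipped, nil
}

// zipEntry is a constructed archive entry used to build sample input in memory.
type zipEntry struct{ Name, Body string }

// buildZip assembles an archive in memory. archive/zip's Writer does not
// validate names, which is exactly how a bundle with "../" entries is produced.
func buildZip(entries []zipEntry) []byte {
	var buf bytes.Buffer
	zw := zip.NewWriter(&buf)
	for _, e := range entries {
		w, err := zw.Create(e.Name)
		if err != nil {
			panic(err)
		}
		if _, err := io.WriteString(w, e.Body); err != nil {
			panic(err)
		}
	}
	if err := zw.Close(); err != nil {
		panic(err)
	}
	return buf.Bytes()
}

func main() {
	// Constructed bundle: one plausible APK path plus a traversal name of the
	// kind the advisory describes.
	bundle := buildZip([]zipEntry{
		{"apks/com.example.app.apk", "PK..."},
		{"../../etc/cron.d/implant", "* * * * * root /bin/sh /tmp/x\n"},
	})
	bad, err := unsafeEntries(bundle)
	if err != nil {
		panic(err)
	}
	fmt.Println("unsafe entries:", bad)
}
```

The prefix check after `filepath.Join` is the whole defence; checking for the literal string `..` is not enough, since names like `apks/../../x` are only visible as traversal once cleaned. Size limits (decompression bombs) are a separate concern and are not handled here.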
MAL-2026-4693 Malicious code in to-cms (npm)
Source: amazon-inspector (cccb3d12c0df356fc34c0b79a003f32a6484dd9229b43dfef5b89c8dd4dec51c). package.json declares postinstall: node index.js. On npm install, index.js unconditionally HTTPS-GETs https://meet-fr.com/ChromeSetup.exe, writes it ...
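The delivery channel in that record is an npm install hook, which runs before anyone has looked at the package. As an added example (not part of the MAL record or of to-cms), here is a pre-install audit of package.json lifecycle hooks. The sample package.json is constructed to mirror the record's `"postinstall": "node index.js"`; `AuditPackageJSON`, `Finding` and the two regular expressions are names and heuristics chosen here.

```go
// Added example (not the to-cms package or any npm tooling): flag package.json
// lifecycle hooks that execute at install time, before `npm install` runs them.
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
)

// installHooks are the npm lifecycle scripts that run automatically when a
// package is installed as a dependency from the registry. ("prepare" runs for
// git and local installs, not for registry tarballs, so it is left out.)
var installHooks = []string{"preinstall", "install", "postinstall"}

// Finding is one install-time script together with the reason it was flagged.
type Finding struct {
	Hook, Script, Reason string
}

var (
	// The hook itself fetches something from the network.
	fetchRe = regexp.MustCompile(`(?i)(\bcurl\b|\bwget\b|https?://|certutil|invoke-webrequest|powershell)`)
	// The hook runs a JS file shipped in the tarball; package.json alone says
	// nothing about what that file does, so the file has to be read.
	nodeFileRe = regexp.MustCompile(`(?i)\bnode\s+\S+\.[cm]?js\b`)
)

// AuditPackageJSON parses a package.json document and returns one Finding per
// install hook present. Any install hook is worth a look; the Reason only
// says which kind of look.
func AuditPackageJSON(data []byte) ([]Finding, error) {
	var pkg struct {
		Scripts map[string]string `json:"scripts"`
	}
	if err := json.Unmarshal(data, &pkg); err != nil {
		return nil, err
	}
	var out []Finding
	for _, hook := range installHooks {
		script, ok := pkg.Scripts[hook]
		if !ok {
			continue
		}
		reason := "runs arbitrary shell on install"
		switch {
		case fetchRe.MatchString(script):
			reason = "fetches remote content at install time"
		case nodeFileRe.MatchString(script):
			reason = "executes a JS file from the tarball; read that file before installing"
		}
		out = append(out, Finding{Hook: hook, Script: script, Reason: reason})
	}
	return out, nil
}

// samplePackageJSON is constructed for this example: the postinstall hook
// matches the record above, the rest of the manifest is made up.
const samplePackageJSON = `{
  "name": "to-cms",
  "scripts": {
    "test": "echo ok",
    "postinstall": "node index.js"
  }
}`

func main() {
	findings, err := AuditPackageJSON([]byte(samplePackageJSON))
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("%-12s %-24q %s\n", f.Hook, f.Script, f.Reason)
	}
}
```

For a hook like `node index.js` the manifest is only the pointer; the downloader in this record lives in index.js and would be found by reading that file, not the manifest. Installing with `npm install --ignore-scripts` (or `npm config set ignore-scripts true`) prevents the hook from running at all while the package is being reviewed.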
anti-hacking
🛡️ anti-hacking: Comprehensive Defensive Security Knowledge Ba...
Android Adds Intrusion Logging for Sophisticated Spyware Forensics
Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated spyware attacks. Intrusion Logging, available as part of Advanced Protection Mode, enables "persistent and privacy-preserving forensics logging to allow for...
Memory Forensics Techniques for Automated Detection and Analysis of Go Malware
The Go programming language has become increasingly popular among malware developers due to its ability to produce statically linked, cross-platform executables that challenge traditional analysis techniques. These binaries embed a substantial runtime and compiler-generated metadata and are...
CVE-2026-42371
creationtimestamp | type | source
--- | --- | ---
2026-05-08 08:02:16+00:00 | seen | https://bsky.app/profile/slackers.it/post/3mldbcc7rmn2e
2026-05-11 12:10:08+00:00 | seen | https://bsky.app/profile/o2cloud.bsky.social/post/3mllakdpahl2k...
EUVD-2025-209609
An issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and PerformanceTest v11.1 Build 1004 allows attackers to access kernel memory and escalate privileges via a crafted IOCTL 0x8011E044 call...
Exploit for CVE-2026-41940
cpanel-cve-2026-41940-fix One-shot detection and remediatio...
ctf-scripts
CTF Scripts: a collection of automation scripts and exploit templates...
info-security-portfolio
Information Security Portfolio A curated collection of nine e...
TLSCheck 2.0: An Enhanced Memory Forensics Approach to Efficiently Detect TLS Callbacks
Memory analysis is a crucial technique in digital forensics that enables investigators to examine the runtime state of a system through physical memory dumps. While significant advances have been made in memory forensics, the detection and analysis of Thread Local Storage TLS callbacks remain...
ctf-writeups
ctf-writeups: HTB, TryHackMe and DFIR challenges, documented...
Optimizing IoT Intrusion Detection with Tabular Foundation Models for Smart City Forensics
Security operations in smart cities demand detection systems that balance accuracy with response time. While ensemble methods like Random Forest achieve high accuracy, their computational overhead impedes real-time forensic triage. We present the first systematic evaluation of TabPFNv2.5, a...
uac OS command injection vulnerability
UAC is a Unix system forensics and incident response tool developed by Thiago Canozzo Lahr. Versions of UAC prior to 3.3.0-rc1 contained an operating system command injection vulnerability. It stemmed from the runcommand function, which directly passed the constructed...
Hayabusa cross-site scripting vulnerability
Hayabusa is an open-source Windows event log forensic and threat hunting tool developed by Yamato Security. Versions prior to Hayabusa 3.8.0 contained a cross-site scripting vulnerability. It stemmed from the HTML report outputs, which had the same cross-site scripting vulnerabilities,...