Windows Forensics with Plaso – Compass Security Blog
Tags
| attack-pattern: | Data Software - T1592.002 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 9aa0b44c-ea2d-4cdc-a985-91a82aaf6d6c |
| Fingerprint | f4c918f525f201cb |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 26, 2019, 8 a.m. |
| Added to db | Jan. 18, 2023, 8:22 p.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | Windows Forensics with Plaso |
| Title | Windows Forensics with Plaso – Compass Security Blog |
| Detected Hints/Tags/Attributes | 42/1/19 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.compass-security.com/2019/03/windows-forensics-with-plaso/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 6 | setupapi.dev |
|
| Details | Domain | 2 | plaso.readthedocs.io |
|
| Details | Domain | 1 | 2015.swisscyberstorm.com |
|
| Details | Domain | 1 | eprints.hsr.ch |
|
| Details | Domain | 170 | www.sans.org |
|
| Details | Domain | 2 | binaryforay.blogspot.com |
|
| Details | File | 193 | ntuser.dat |
|
| Details | File | 6 | dev.log |
|
| Details | File | 816 | index.html |
|
| Details | File | 1 | daniel_white.pdf |
|
| Details | File | 1 | technischerbericht.pdf |
|
| Details | File | 1 | parsers-and-plugins.html |
|
| Details | File | 1 | introducing-kape.html |
|
| Details | Url | 1 | https://plaso.readthedocs.io/en/latest/index.html |
|
| Details | Url | 1 | https://2015.swisscyberstorm.com/res/presentations/daniel_white.pdf |
|
| Details | Url | 1 | https://eprints.hsr.ch/607/1/technischerbericht.pdf |
|
| Details | Url | 1 | https://www.sans.org/security-resources/posters/windows-forensics-evidence-of/75/download |
|
| Details | Url | 1 | https://plaso.readthedocs.io/en/latest/sources/user/parsers-and-plugins.html |
|
| Details | Url | 1 | https://binaryforay.blogspot.com/2019/02/introducing-kape.html |