Browse: Home / 2010 / January

January 2010

You are browsing the archive for January 2010.

The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System by Bill Blunden

The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System by Bill Blunden

By Max on January 27, 2010

The Rootkit Arsenal is primarily focused on rootkits, every aspect of a rootkit in fact. What I thought was really great was Blunden’s entire section on anti-forensics and computer forensics where acquisition methods, examination methods and other techniques are explained in detail.

Posted in | Tagged , | 3 Responses

Meta Anti-Forensics (Conference talk by The Grugq)

By Max on January 26, 2010

Another presentation by The Grugq and his knowledge and contributions to the anti-forensics community during his computer forensic and anti-forensic research. The video below is a presentation The Grugq performed at Hack in the Box 2007 security conference. The Grugq covers anti-forensics techniques as well as the HASH or hacker shell which he developed.

Posted in , | Tagged | 2 Responses

The Art of Defiling: Defeating Forensic Analysis on Unix Filesystems (Conference talk by The Grugq)

By Max on January 25, 2010

The Grugq has contributed greatly to the anti-forensics community during the course of his of computer forensic and anti-computer forensic research. This must watch presentation on anti-forensics will familiarize you on Unix file system structure, common forensic tools and some theories behind file system anti-forensic attacks.

Posted in , | Tagged | Leave a response

Archives