Network Forensics Blog » Network Forensics

Network Forensics Blog » Network Forensics http://www.networkforensics.com Tue, 21 Jun 2011 22:54:21 +0000 en hourly 1 http://wordpress.org/?v=3.1

Finding injection attacks by looking for injection attacks is a fail http://www.networkforensics.com/2011/06/21/finding-injection-attacks-by-looking-for-injection-attacks-is-a-fail/ http://www.networkforensics.com/2011/06/21/finding-injection-attacks-by-looking-for-injection-attacks-is-a-fail/#comments Tue, 21 Jun 2011 01:53:00 +0000 Gary Golomb http://www.networkforensics.com/?p=820 http://www.networkforensics.com/2011/06/21/finding-injection-attacks-by-looking-for-injection-attacks-is-a-fail/feed/ 0 Using WinDbg to Begin Reverse Engineering Unknown Malware from Memory http://www.networkforensics.com/2011/06/13/using-windbg-to-begin-reverse-engineering-unknown-malware-from-memory/ http://www.networkforensics.com/2011/06/13/using-windbg-to-begin-reverse-engineering-unknown-malware-from-memory/#comments Mon, 13 Jun 2011 03:03:46 +0000 Gary Golomb http://www.networkforensics.com/?p=788 http://www.networkforensics.com/2011/06/13/using-windbg-to-begin-reverse-engineering-unknown-malware-from-memory/feed/ 4 Mutex Analysis: The Canary in the Coal Mine (and Discovering New Families of Malware?) http://www.networkforensics.com/2011/06/11/mutex-analysis-the-canary-in-the-coal-mine-and-discovering-new-families-of-malware/ http://www.networkforensics.com/2011/06/11/mutex-analysis-the-canary-in-the-coal-mine-and-discovering-new-families-of-malware/#comments Sat, 11 Jun 2011 10:34:40 +0000 Gary Golomb http://www.networkforensics.com/?p=755 http://www.networkforensics.com/2011/06/11/mutex-analysis-the-canary-in-the-coal-mine-and-discovering-new-families-of-malware/feed/ 2 Network Forensics and Reverse Engineering Part 2 – A deeper dive into real JavaScript analysis and reverse engineering http://www.networkforensics.com/2011/01/12/network-forensics-and-reverse-engineering-part-2-%e2%80%93-a-deeper-dive-into-real-javascript-analysis-and-reverse-engineering/ http://www.networkforensics.com/2011/01/12/network-forensics-and-reverse-engineering-part-2-%e2%80%93-a-deeper-dive-into-real-javascript-analysis-and-reverse-engineering/#comments Wed, 12 Jan 2011 03:36:14 +0000 Gary Golomb http://www.networkforensics.com/?p=699 http://www.networkforensics.com/2011/01/12/network-forensics-and-reverse-engineering-part-2-%e2%80%93-a-deeper-dive-into-real-javascript-analysis-and-reverse-engineering/feed/ 1 Network Forensics and Reversing Part 1 – gzip web content, java malware, and a little JavaScript http://www.networkforensics.com/2010/11/14/network-forensics-and-reversing-part-1-gzip-web-content-java-malware-and-a-little-javascript/ http://www.networkforensics.com/2010/11/14/network-forensics-and-reversing-part-1-gzip-web-content-java-malware-and-a-little-javascript/#comments Sun, 14 Nov 2010 16:52:32 +0000 Gary Golomb http://www.networkforensics.com/?p=526 http://www.networkforensics.com/2010/11/14/network-forensics-and-reversing-part-1-gzip-web-content-java-malware-and-a-little-javascript/feed/ 0 Sometimes the answer really is that simple… http://www.networkforensics.com/2010/10/26/sometimes-the-answer-really-is-that-simple/ http://www.networkforensics.com/2010/10/26/sometimes-the-answer-really-is-that-simple/#comments Tue, 26 Oct 2010 18:38:39 +0000 tim http://www.networkforensics.com/?p=442 http://www.networkforensics.com/2010/10/26/sometimes-the-answer-really-is-that-simple/feed/ 0 It’s Malware! http://www.networkforensics.com/2010/10/18/its-malware/ http://www.networkforensics.com/2010/10/18/its-malware/#comments Mon, 18 Oct 2010 12:33:46 +0000 Gary Golomb http://www.networkforensics.com/?p=461 http://www.networkforensics.com/2010/10/18/its-malware/feed/ 0 Tracking the “Here You Have” Worm http://www.networkforensics.com/2010/09/10/tracking-the-here-you-have-worm/ http://www.networkforensics.com/2010/09/10/tracking-the-here-you-have-worm/#comments Fri, 10 Sep 2010 15:59:59 +0000 alex http://www.networkforensics.com/?p=420 http://www.networkforensics.com/2010/09/10/tracking-the-here-you-have-worm/feed/ 0 Mini Decoder in Action @TaoSecurity http://www.networkforensics.com/2010/09/10/mini-decoder-in-action-taosecurity/ http://www.networkforensics.com/2010/09/10/mini-decoder-in-action-taosecurity/#comments Fri, 10 Sep 2010 14:49:45 +0000 brian http://www.networkforensics.com/?p=414 http://www.networkforensics.com/2010/09/10/mini-decoder-in-action-taosecurity/feed/ 0 Leveraging Custom Actions in NetWitness Investigator http://www.networkforensics.com/2010/08/30/leveraging-custom-actions-in-netwitness-investigator/ http://www.networkforensics.com/2010/08/30/leveraging-custom-actions-in-netwitness-investigator/#comments Mon, 30 Aug 2010 17:19:33 +0000 alex http://www.networkforensics.com/?p=393 http://www.networkforensics.com/2010/08/30/leveraging-custom-actions-in-netwitness-investigator/feed/ 1