Digital forensic examiners are investigators who are experts in gathering, recovering, analyzing, and presenting data evidence from computers and other digital media related to computer-based . They might work on cases concerning identity theft, electronic fraud, investigation of material found in digital devices, and electronic evidence, often in relation to cyber crimes.
Friday, January 8, 2021
Email Forensics: Metaspike CTF
Today I'd like to introduce the Email Forensics CTF competition, organized by the Metaspike Community! The group is open for everyone to talk about digital forensics: join the conversation to share experiences, advice, and tips, and learn from others. The group also runs a Capture The Flag (CTF) event, which opens and closes within the Jan-Feb 2021 period.
Tools recommendations for the CTF
Text Editor
I strongly recommend using a capable text editor. My favorite is UltraEdit. Other good options are Sublime Text or Atom, possibly with some MIME syntax highlighters.
Conversions
I recommend using CyberChef for date and format conversions.
MAPI
When working with MSGs and PSTs, you can use MFCMAPI or OutlookSpy with Outlook.
General Metadata Extraction
You will likely need a general-purpose tool that can extract embedded files, file metadata, etc. Good candidates are X-Ways, Autopsy, or perhaps ExifTool or MetaDiver when you don’t feel like pulling out the big guns.
PDF Deep Dive
When you encounter PDFs, you will likely need a deep dive tool to look into them in detail. You can use PDF CanOpener (with Acrobat), PDF Stream Dumper, pdf-parser.py, etc.