Disk Analysis with Autopsy | HackerSploit Blue Team Training
ฝัง
- เผยแพร่เมื่อ 14 มิ.ย. 2024
- Continuing our Blue Team Training series, @HackerSploit will cover using the tool Autopsy® for disk analysis. Autopsy is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It is used by law enforcement, military, and corporate examiners to investigate what happened on a computer.
The full Blue Team Training series is available here: • Hackersploit Linux Sec...
Chapters:
0:00 Introduction
0:32 What We Will Be Covering
1:19 Prerequisites
1:32 Introduction to Disk Forensics
3:56 Introduction to Autopsy
6:04 Learning Resources
6:30 Practical Demo
7:00 Where to Download Autopsy
8:34 Obtain FTK Imager
9:00 Get Started with FTK Imager
12:30 How to use CFReDS
15:10 Creating a New Case in Autopsy
22:00 Overview of Data Sources
26:00 Overview of Views
35:19 Overview of Data Artifacts
40:52 Analysis Result in Autopsy
42:34 Overview of OS Accounts
43:20 Overview of Tags in Autopsy
43:48 Exporting Files or Information in Autopsy
44:50 Managing the Timeline in Autopsy
51:30 Conclusion
New to Cloud Computing? Get started here with a $100 credit → www.linode.com/linodetube
Check out Autopsy here → www.sleuthkit.org/autopsy/
Watch Hackersploit's Red Team Series → • Adversary Emulation wi...
Subscribe to get notified of new episodes as they come out → th-cam.com/users/linode?sub_co...
#BlueTeam #cybersecurity #hackersploit
Product: Linode, Blue Team, Autopsy Linux, Hackersploit, ; @HackerSploit - วิทยาศาสตร์และเทคโนโลยี
This was informative. Very well made.
thank you, this video is really helpful!
Hello Akamai, your dem-video is very informative. Your step by step guide was on point and explanatory process too. I really would like to see more demo-videos on Disk Analysis also with other similar/pro tools like autopsy etc. I hope to get a feedback from you as I have also subscribed to your channel. Keep it the good work and keep it coming. Thanks!
This is very good
When i choose data source, i can only see "unallocated" entities, i dont have directories listed like you do