The Dissect Effect - An Open Source IR Framework
In this episode, we'll take a look at the recently open-sourced Dissect incident response framework from Fox-IT. We'll briefly examine the overall capabilities of the software, then we'll install it within a WSL 2 environment, and lastly, we'll take it for a test drive using a Windows Server 2019 disk image.
*** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. ***
📖 Chapters
00:00 - Intro
02:37 - Installation
03:31 - Using target-query
11:01 - Using target-shell
14:33 - Recap
🛠 Resources
Dissect Project:
https://github.com/fox-it/dissect
Dissect Documentation:
https://docs.dissect.tools/en/latest/
#Forensics #DigitalForensics #DFIR #ComputerForensics #WindowsForensics
Video "The Dissect Effect - An Open Source IR Framework" from the 13Cubed channel