Windows Kiosk Options
Steady State (https://en.wikipedia.org/wiki/Windows_SteadyState) used to be a good option to revert changes routinely to a Windows…
May 30, 2023

Analysis of VHDX image files
If you’ve got some VHDX disk image files you need to analyze, your analysis tools may not ‘just work’ with them. Often the easiest route…
Feb 26, 2021

Sharing Code Snippets on Medium
There are a few good ways to include pieces of code. The first is to
Jan 12, 2021

Parsing Email Headers from an MBOX file
When analyzing email headers from an MBOX file, a Python script like this is useful to pull out the fields of interest:
Jan 5, 2021

Pulling Jabber User Information out of Packet Captures
Let’s say you’ve got a month of PCAP files for a Jabber (XMPP) server and you need to identify what you can about the users of that server…
Jan 5, 2021

Ploop Images in Digital Forensics
Ploop is a disk storage container used by OpenVZ; see https://wiki.openvz.org/Ploop
Dec 23, 2020

Sweeny Blogs Infosec
This space will serve as a place for me to share (and record for my own reference) tools and procedures to tackle Infosec & Forensic…
Dec 23, 2020