Uncategorized

TeamViewer Forensic Artifacts

The average system administrator uses remote administration tools to tend to systems across their network. There are a variety of these tools available, and one of them is TeamViewer. During an incident, there are several logs and artifacts of interest that are vital. Each log provides some

Parsing IIS Logs

The Windows variant of a web server is called Internet Information Services (IIS). The feature comes as part of Windows Server builds but isn’t enabled by default. If you manage an IIS server, logs are written to c:\inetpub\logs by default and, without a tool or capability, aren’t necessarily the easiest to read. With

Jump Bag Stuff

Wifi-Pineapple – https://hakshop.myshopify.com/products/wifi-pineapple?variant=81044992
PWN Plug – https://www.pwnieexpress.com/product/pwn-plug-elite/
Read-Only Flash Drive – http://www.kanguru.com/storage-accessories/flash-blu2.shtml
SmartSniff – http://www.nirsoft.net/utils/smsniff.html