Author Archives: HatsOffSecurity

Removing Cookies

Do you know how many cookies are tracking you? Have you tried to clear the cookies only to find some things not quite gone? Well I have a product for you!… just kidding, it sounded like an advert, so I … Continue reading

Posted in Browser Forensics, Cookies | Tagged , , , | Leave a comment

Wireshark – Introduction

What is Wireshark According to Wireshark.org: Wireshark® is a network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. What does this mean to you? This means Wireshark allows you to view network … Continue reading

Posted in Network Forensics, Shellshock, Wireshark | Tagged , , , , | Leave a comment

Types of Threat – Explained

From a high level what are the types or categories of threats faced by the Security professional? Let’s go over some basics. Internal Authorised Internal Unauthorised Internal to External External to Internal External to External (new) The first 4 are … Continue reading

Posted in Cyber, Forensic Readiness Plan, Incident Response, Preparation | Tagged , , , , , , | Leave a comment

Pass-the-hash Mitigation – Tip of the Day

I have been recently researching Pass the Hash mitigation techniques and I have found that there are the usual comments about not logging on to workstations with Admin accounts, ensuring your local admin accounts don’t have the same password, ensuring … Continue reading

Posted in Group Policy, Hardening, Incident Response, pass the hash, Pen Testing, Preparation, Research | Tagged , , , , , | Leave a comment

Force Enabling ReadyBoost Windows 7/8

Whilst writing a presentation on USB Forensics, I was hit with a problem with ReadyBoost being disabled on my Virtual Machine. The message would read This device cannot be used for ReadyBoost. ReadyBoost is not enabled on this computer because … Continue reading

Posted in ReadyBoost, USB Forensics, Windows Forensics, Windows Registry Forensics | Tagged , , , | 16 Comments

USB Roadmap v2

A quick update to the USB Roadmap, a few comments from the first version were regarding the arrows. They were a little overwhelming and annoying, so I thought I would re-arrange it a little. I will look at any changes … Continue reading

Posted in USB Forensics | Tagged , | Leave a comment

Renaming a GRR Server & Client Configuration

Renaming the Server & Updating the Clients Rather than rebuilding a new server for every deployment you may feel it is easier to build a clean virtual build and clone that for each customer. As such renaming the VM would … Continue reading

Posted in Google Rapid Response, GRR, Incident Response | Tagged , , , | Leave a comment

USB Forensic “Roadmap”

As I have been researching and investigating USB Forensics I put together a “Roadmap” for my own personal reference. I made it using Maltego Case File and refer to it every now and then when I am attempting to remember … Continue reading

Posted in Cyber, Research, USB Forensics, Windows Forensics | Tagged , , , , , | Leave a comment

Windows XP Restore Points

I know XP is going the way of the Dodo, which is why I wanted to write this post. As blogs and posts update and keep up with the latest versions of Windows I find it harder and harder to … Continue reading

Posted in Introduction, Windows Forensics, Windows Registry Forensics, Windows XP | Tagged , , , , , , | Leave a comment

SANS Christmas Hacking Challenge

I thought I would write about my experiences with the Christmas Hacking Challenge by SANS, I am writing this before Christmas, but I wont publish it until after the closing date for obvious reasons 🙂 The challenge has an amazing … Continue reading

Posted in Competition, Cyber, Heartbleed, Pen Testing, Research, SANS, Shellshock, USB Forensics, Windows Forensics | Tagged , , , , , , , | 5 Comments