Hats Off Security
-
Recent Posts
- SMB2 Protocol Negotiation
- SMB2 – File/Directory Metadata
- SMB Tree Connect/Response Details
- SMBv2+ SYNC Header Explained
- SMB Quick Introduction
- Unique Usernames!
- Ringzer0team – Forensics Challenge 35 – Poor internet connection
- TTLs and where to find them
- Windows Spotlight Image Location
- OpenDoor Scanner vs SimpleHTTPServer (PCAP)
Categories
- Attack
- Browser Forensics
- Brute force
- Chrome
- Competition
- Competitions
- Containment
- Content Delivery Manager
- Cookies
- Cyber
- Cyber Security Challenge
- Decoding Time
- Firefox
- Forensic Readiness Plan
- Google Analytics
- Google Chrome
- Google Rapid Response
- Group Policy
- GRR
- Hardening
- Heartbleed
- Identification
- Incident Response
- Internet Explorer
- Introduction
- Jump Lists
- Link FIles
- Memory Forensics
- Microsoft Edge
- My Two Cents
- Network Analytics
- Network Forensics
- pass the hash
- PCAP Analysis
- Pen Testing
- Preparation
- Protocol
- ReadyBoost
- Research
- Safari
- SANS
- Shared Folders
- Shellshock
- SMB
- SSH
- Uncategorized
- USB Forensics
- Windows Forensics
- Windows Registry Forensics
- Windows Registry Forensics
- Windows Spotlight
- Windows XP
- Wireshark
CyberLinks
- Follow Hats Off Security on WordPress.com
- My Tweets
Tag Archives: Safari
HTTP Cookies – Part 4 – Safari Cookies
Safari Location Pretty sure this location has been the same for a number of years now, if not let me know in the comments: ~/libraries/cookies Removing Safari Cookies I am not a MAC expert, so I am going to bow … Continue reading
Posted in Browser Forensics, Cookies, Safari
Tagged artefact locations, basics, browser forensics, cookies, hats off security, Safari
Leave a comment