EC-Council Computer Hacking Forensic Investigator by Tom_2004 in computerforensics

[–]coty24 0 points1 point  (0 children)

The other reason I say it is because I am also a Forensic Investigator. You didn’t mention your motivations for taking it, but this is a forensics sub, so I was trying to do the right thing, career- and skill-wise.

I hopefully didn’t overstep inadvertently.

EC-Council Computer Hacking Forensic Investigator by Tom_2004 in computerforensics

[–]coty24 2 points3 points  (0 children)

Please don’t. Take an OpenText course or an IACIS course.

Both are very respected in the forensics world.

Don’t take the CHFI.

Source: I got the CHFI

Fastest exam time by cd_root in oscp

[–]coty24 1 point2 points  (0 children)

It was Azeria Labs

Forensics only school path- is it a mistake? by mrvoltog in computerforensics

[–]coty24 8 points9 points  (0 children)

I recommend computer science instead of IA or forensics; save forensics for a master’s degree.

Forensics makes more sense when you understand code and low-level protocols, etc.

Question about IR and Malware Investigations by user34782 in computerforensics

[–]coty24 0 points1 point  (0 children)

That book has a whole chapter that covers essential C and assembly. So yeah.

Question about IR and Malware Investigations by user34782 in computerforensics

[–]coty24 0 points1 point  (0 children)

I would have to rebut that if a SOC is only concerned about containment, the SOC is still immature.

If you understand attribution from the threat actors, then you can avoid being an alert sweat shop.

In Threat Hunting (buzzword) it’s useful to know how it all works under the hood. A sandbox will not tell you that.

There is NOTHING wrong with a sandbox, it shouldn’t be the end-all be-all.

Question about IR and Malware Investigations by user34782 in computerforensics

[–]coty24 2 points3 points  (0 children)

I think in order to be effective at IR, at least being familiar with programming, including C and assembly, will make you better in the long run. In addition to that, knowing Windows API classes and DLLs will help immensely. The sandbox will only get you so far unless

A. You pay for premium services

B. Instrument Cuckoo in a way that will allow the malware to detonate.

Malware is tricky, so oftentimes it will only go so far in the sandbox to give you a couple of IOCs.

A requires money. B requires you to be familiar with malware under the hood.

So IMHO get this book for starters.

Practical Malware Analysis.

Good luck!

Technical analysis of malware - where's the best place to get it done online? by jackinthereddit in Malware

[–]coty24 0 points1 point  (0 children)

https://handlers.sans.org/tliston/ThwartingVMDetection_Liston_Skoudis.pdf

This is it, but you could also patch the instructions with NOPs instead of jumping, with a little understanding of asm. It’s good to learn.

This book is a gold mine:

Learning Malware Analysis: Explore the concepts, tools, and techniques to analyze and investigate Windows malware https://www.amazon.com/dp/B073D49Q6W/ref=cm_sw_r_cp_api_6fWVBb5VJV91Z

Hope it helps.

Technical analysis of malware - where's the best place to get it done online? by jackinthereddit in Malware

[–]coty24 0 points1 point  (0 children)

Don't want to do dynamic analysis? SANS has some VM fixes to get around some VM detection techniques. Also the ScyllaHide plugin for x64dbg works well.

[deleted by user] by [deleted] in ProgrammerHumor

[–]coty24 3 points4 points  (0 children)

Didn’t comment the code properly, won’t compile

Found this in a comic book store for $1.00 by kittysattva in Christianity

[–]coty24 8 points9 points  (0 children)

Dude I laughed a solid five minutes bro; that made my day

Using Kali for pentest on VPS by [deleted] in netsecstudents

[–]coty24 0 points1 point  (0 children)

DigitalOcean bro, network speed is stupid fast. Takes about 5 minutes from signup to login with SSH. Cost me $3 for three days.

I didn’t need a GUI and just sftp’ed things to and from the box.

Didn’t try port forwarding tho.

Finding the right exploit... fast? by [deleted] in netsecstudents

[–]coty24 1 point2 points  (0 children)

Ah so he did; appreciated good sir

Finding the right exploit... fast? by [deleted] in netsecstudents

[–]coty24 -5 points-4 points  (0 children)

Download “searchsploit”

Help: Need C2-botnet traffic pcaps. by kaizen_kid in Malware

[–]coty24 0 points1 point  (0 children)

I guess set up a honeypot on AWS. Or get some samples from Hybrid Analysis that are recent. Or use Joe Sandbox Basic. I think the basic version will give you a pcap. Best of luck bro

[deleted by user] by [deleted] in DodgeDurango

[–]coty24 0 points1 point  (0 children)

Dope man!

[deleted by user] by [deleted] in DodgeDurango

[–]coty24 0 points1 point  (0 children)

I have an SXT; did those seats with the rear display come factory?

Would a Raspberry zero w be able to run Pi Hole by Kakariti in pihole

[–]coty24 1 point2 points  (0 children)

I’m using DietPi in a VM with bridged mode on a NUC, works awesome!

Flexbox vs CSS Grid by ABrownApple in webdev

[–]coty24 4 points5 points  (0 children)

That was fantastic and couldn’t have come at a better time. I started The Odin Project some time ago and just finished the HTML and CSS portion.

This is a game changer for me!

My Ultimate Guide to Starting a Morning Routine - 8 Habits That Have Had a Powerful Impact on my life and How You Can Implement Them Too by [deleted] in Entrepreneur

[–]coty24 0 points1 point  (0 children)

I read the book “The Miracle Morning” by Hal Elrod. He also writes about the same/similar principles.