Contribuez à SecuObs en envoyant des bitcoins ou des dogecoins.
Nouveaux articles (fr): 1pwnthhW21zdnQ5WucjmnF3pk9puT5fDF
Amélioration du site: 1hckU85orcGCm8A9hk67391LCy4ECGJca

Contribute to SecuObs by sending bitcoins or dogecoins.

Chercher :
Newsletter :  


Revues :
- Presse
- Presse FR
- Vidéos
- Twitter
- Secuobs





Sommaires :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Podcasts
- Communiques
- USBsploit
- Commentaires


Revue Presse:
- Tous
- Francophone
- Par mot clé
- Par site
- Le tagwall


Top bi-hebdo:
- Ensemble
- Articles
- Revue
- Videos
- Twitter
- Auteurs


Articles :
- Par mot clé
- Par auteur
- Par organisme
- Le tagwall


Videos :
- Toutes
- Par mot clé
- Par site
- Le tagwall


Twitter :
- Tous
- Par mot clé
- Par compte
- Le tagwall


Commentaires :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques


RSS/XML :
- Articles
- Commentaires
- Revue
- Revue FR
- Videos
- Twitter


RSS SecuObs :
- sécurité
- exploit
- windows
- attaque
- outil
- microsoft


RSS Revue :
- security
- microsoft
- windows
- hacker
- attack
- network


RSS Videos :
- curit
- security
- biomet
- metasploit
- biometric
- cking


RSS Twitter :
- security
- linux
- botnet
- attack
- metasploit
- cisco


RSS Comments :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques


RSS OPML :
- Français
- International











Revue de presse francophone :
- Appaloosa AppDome nouent un partenariat pour accompagner les entreprises dans le déploiement et la protection des applications mobiles
- D-Link offre une avec un routeur VPN sans fil AC
- 19 mai Paris Petit-Déjeuner Coreye Développer son business à l'abri des cyberattaques
- POYNTING PRESENTE LA NOUVELLE ANTENNE OMNI-291, SPECIALE MILIEU MARITIME, CÔTIER ET MILIEU HUMIDE
- Flexera Software Les utilisateurs français de PC progressent dans l'application de correctifs logiciels, mais des défis de tailles subsistent
- Riverbed lance SD-WAN basé sur le cloud
- Fujitsu multi-récompensé VMware lui décerne plusieurs Partner Innovation Awards à l'occasion du Partner Leadership Summit
- Zscaler Private Access sécuriser l'accès à distance en supprimant les risques inhérents aux réseaux privés virtuels
- QNAP annonce la sortie de QTS 4.2.1
- Une enquête réalisée par la société de cyber sécurité F-Secure a décelé des milliers de vulnérabilités graves, potentiellement utilisables par des cyber criminels pour infiltrer l'infrastru
- Trouver le juste équilibre entre une infrastructure dédiée et cloud le dilemme de la distribution numérique
- 3 juin - Fleurance - Cybersécurité Territoires
- Cyber-assurances Seules 40 pourcents des entreprises françaises sont couvertes contre les violations de sécurité et les pertes de données
- Des étudiants de l'ESIEA inventent CheckMyHTTPS un logiciel qui vérifie que vos connexions WEB sécurisées ne sont pas interceptées
- Les produits OmniSwitch d'Alcatel-Lucent Enterprise ALE gagnent en sécurité pour lutter contre les cyber-attaques modernes

Dernier articles de SecuObs :
- DIP, solution de partage d'informations automatisée
- Sqreen, protection applicative intelligente de nouvelle génération
- Renaud Bidou (Deny All): "L'innovation dans le domaine des WAFs s'oriente vers plus de bon sens et d'intelligence, plus de flexibilité et plus d'ergonomie"
- Mises à jour en perspective pour le système Vigik
- Les russes ont-ils pwn le système AEGIS ?
- Le ministère de l'intérieur censure une conférence au Canada
- Saut d'air gap, audit de firmware et (in)sécurité mobile au programme de Cansecwest 2014
- GCHQ: Le JTRIG torpille Anonymous qui torpille le JTRIG (ou pas)
- #FIC2014: Entrée en territoire inconnu
- Le Sénat investit dans les monnaies virtuelles

Revue de presse internationale :
- VEHICLE CYBERSECURITY DOT and Industry Have Efforts Under Way, but DOT Needs to Define Its Role in Responding to a Real-world Attack
- Demand letter served on poll body over disastrous Comeleak breach
- The Minimin Aims To Be The Simplest Theremin
- Hacking group PLATINUM used Windows own patching system against it
- Hacker With Victims in 100 Nations Gets 7 Years in Prison
- HPR2018 How to make Komboucha Tea
- Circuit Bender Artist bends Fresnel Lens for Art
- FBI Director Suggests iPhone Hacking Method May Remain Secret
- 2016 Hack Miami Conference May 13-15, 2016
- 8-bit Video Wall Made From 160 Gaming Keyboards
- In An Era Of Decline, News Sites Can t Afford Poor Web Performance
- BeautifulPeople.com experiences data breach 1m affected
- Swedish Air Space Infringed, Aircraft Not Required
- Why cybercriminals attack healthcare more than any other industry
- Setting the Benchmark in the Network Security Forensics Industry

Annuaire des videos
- FUZZING ON LINE PART THREE
- Official Maltego tutorial 5 Writing your own transforms
- Official Maltego tutorial 6 Integrating with SQL DBs
- Official Maltego tutorial 3 Importing CSVs spreadsheets
- install zeus botnet
- Eloy Magalhaes
- Official Maltego tutorial 1 Google s websites
- Official Maltego tutorial 4 Social Networks
- Blind String SQL Injection
- backdoor linux root from r57 php shell VPS khg crew redc00de
- How To Attaque Pc With Back Track 5 In Arabique
- RSA Todd Schomburg talks about Roundup Ready lines available in 2013
- Nessus Diagnostics Troubleshooting
- Panda Security Vidcast Panda GateDefender Performa Parte 2 de 2
- MultiPyInjector Shellcode Injection

Revue Twitter
- RT @fpalumbo: Cisco consistently leading the way ? buys vCider to boost its distributed cloud vision #CiscoONE
- @mckeay Looks odd... not much to go on (prob some slideshow/vid app under Linux)
- [SuggestedReading] Using the HTML5 Fullscreen API for Phishing Attacks
- RT @BrianHonan: Our problems are not technical but cultural. OWASP top 10 has not changed over the years @joshcorman #RSAC
- RT @mikko: Wow. Apple kernels actually have a function called PE_i_can_has_debugger:
- [Blog Spam] Metasploit and PowerShell payloads
- PinkiePie Strikes Again, Compromises Google Chrome in Pwnium Contest at Hack in the Box: For the second time thi...
- @mikko @fslabs y'all wldn't happen to have lat/long data sets for other botnets, wld you? Doing some research (free/open info rls when done)
- RT @nickhacks: Want to crash a remote host running Snow Leopard? Just use: nmap -P0 -6 --script=targets-ipv6-multicast-mld #wishiwaskidding
- An inexpensive proxy service called is actually a front for #malware distribution -

Mini-Tagwall
Revue de presse : security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone

+ de mots clés pour la revue de presse

Annuaires des videos : curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit

+ de mots clés pour les videos

Revue Twitter : security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall

+ de mots clés pour la revue Twitter

Top bi-hebdo des articles de SecuObs
- [Ettercap – Partie 2] Ettercap par l'exemple - Man In the Middle et SSL sniffing
- [Infratech - release] version 0.6 de Bluetooth Stack Smasher
- [IDS Snort Windows – Partie 2] Installation et configuration
- [Infratech - vulnérabilité] Nouvelle version 0.8 de Bluetooth Stack Smasher
- Mises à jour en perspective pour le système Vigik
- USBDumper 2 nouvelle version nouvelles fonctions !
- EFIPW récupère automatiquement le mot de passe BIOS EFI des Macbook Pro avec processeurs Intel
- La sécurité des clés USB mise à mal par USBDUMPER
- Une faille critique de Firefox expose les utilisateurs de Tor Browser Bundle
- Installation sécurisée d'Apache Openssl, Php4, Mysql, Mod_ssl, Mod_rewrite, Mod_perl , Mod_security

Top bi-hebdo de la revue de presse
- StackScrambler and the Tale of a Packet Parsing Bug

Top bi-hebdo de l'annuaire des videos
- DC++ Botnet. How To DDos A Hub With Fake IPs.
- Comment creer un server botnet!!!!(Réseau de pc zombies)
- Defcon 14 Hard Drive Recovery Part 3

Top bi-hebdo de la revue Twitter
- RT @secureideas: I believe that all the XSS flaws announced are fixed in CVS. Will test again tomorrow if so, release 1.4.3. #BASESnort
- Currently, we do not support 100% of the advanced PDF features found in Adobe Reader... At least that's a good idea.
- VPN (google): German Foreign Office Selects Orange Business for Terrestrial Wide: Full
- @DisK0nn3cT Not really, mostly permission issues/info leak...they've had a couple of XSS vulns but nothing direct.
- Swatting phreaker swatted and heading to jail: A 19-year-old American has been sentenced to eleven years in pris..
- RT @fjserna You are not a true hacker if the calc.exe payload is not the scientific one... infosuck.org/0x0035.png

Top des articles les plus commentés
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Microsoft !Exploitable un nouvel outil gratuit pour aider les développeurs à évaluer automatiquement les risques
- Webshag, un outil d'audit de serveur web
- Les navigateurs internet, des mini-systèmes d’exploitation hors de contrôle ?
- Yellowsn0w un utilitaire de déblocage SIM pour le firmware 2.2 des Iphone 3G
- CAINE un Live[CD|USB] pour faciliter la recherche légale de preuves numériques de compromission
- Nessus 4.0 placé sous le signe de la performance, de l'unification et de la personnalisation
- [Renforcement des fonctions de sécurité du noyau Linux – Partie 1] Présentation
- [IDS Snort Windows – Partie 1] Introduction aux IDS et à SNORT
- Origami pour forger, analyser et manipuler des fichiers PDF malicieux

Automating DFIR - How to series on programming libtsk with python Part 5

Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS

Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]

S'abonner au fil RSS global de la revue de presse



Automating DFIR - How to series on programming libtsk with python Part 5

Par Hacking Exposed Computer Forensics Blog
Le [2015-02-24] à 21:39:38



Présentation : Hello Reader, This is part 5 of a planned 24 part series. If you haven't read the prior parts I would highly recommend you do to understand how we got to this point Part 1 - Accessing an image and printing the partition table Part 2 - Extracting a file from an image Part 3 - Extracting a file from a live system Part 4 - Turning a python script into a windows executable In this post, before continuing on to accessing an E01 image which is a bit more complicated, let's make our lives a little bit easier. It's always a pain when you forget to open an administrative command prompt to run your script and in future posts when we get to GUIs its easy to forget to right click and run as administrator sudo your script. So instead let's have our code do it for us. Now I can't take credit for this code like most good programmers I turn to Google for answers which most frequently will lead you to stackoverlow.com for answers. On stackoverflow I found a series of threads which offered solutions to the problem of elevating a python script and in testing I found the following thread to offer the best solution http stackoverflow.com questions 19672352 how-to-run-python-script-with-elevated-privilage-on-windows So let's look at what changes we need to make our DFIR Wizard program to do this. By this I mean check to see if our script is running as administrator root and if it's not then to try to do so if the account has permissions to do so . usr bin python Sample program or step 3 in becoming a DFIR Wizard No license as this code is simple and free import sys import pytsk3 import datetime import adminif not admin.isUserAdmin admin.runAsAdmin sys.exit imagefile . PhysicalDrive0 imagehandle pytsk3.Img_Info imagefile partitionTable pytsk3.Volume_Info imagehandle for partition in partitionTable print partition.addr, partition.desc, pourcentsss pourcentss pourcents partition.start, partition.start 512 , partition.len if 'NTFS' in partition.desc filesystemObject pytsk3.FS_Info imagehandle, offset partition.start 512 fileobject filesystemObject.open MFT print File Inode ,fileobject.info.meta.addr print File Name ,fileobject.info.name.name print File Creation Time ,datetime.datetime.fromtimestamp fileobject.info.meta.crtime .strftime 'pourcentsY-pourcentsm-pourcentsd pourcentsH pourcentsM pourcentsS' outFileName str partition.addr fileobject.info.name.name print outFileName outfile open outFileName, 'w' filedata fileobject.read_random 0,fileobject.info.meta.size outfile.write filedata outfile.close I have bolded the parts of the code that I have changed. You can see the first thing we are doing is importing in a new class. In this case that class is called 'admin'. Now before you try to install admin with pip you should know that admin is actually an new python script we are going to create. Rather than embed the admin functions, which are quite lengthy, in our main script we are going to import the functions it provides and use them. After importing the admin class we are doing a test using the 'if' conditional statement. We are testing the result of calling the admin class function 'isUserAdmin' for the negative. In other words our 'if' statement here returns 'true' that we are running as administrator then the script will not execute the next two lines of code and just continue on executing. However if the 'isUserAdmin' function comes back that the process is not currently running as the administrator then the 'not' applies before the function will make it return true and thus the two lines of code indented after the 'if' statement will execute. So let's talk about those two files after the 'if' statement. The first line after the 'if' statement is calling the 'runAsAdmin' function provided from the admin class we imported. This function will start a new process of our python program as administrator for us and when it executes again as administrator our program will skip over this if statement and run the rest of our DFIR Wizard program. The next line tells our program that is not running as administrator to stop running as the rest of the script requires us to run as administrator to execute correctly. The sys library provides this 'exit' function that tells our program to quit and it will only quit after spawning off the new administrative version of our python script. That's all the modifications we are going to make to our main script, dfirwizard-v4.py. Now, let's take a look at the new python script we are making called admin.py. usr bin env python - - coding utf-8 mode python py-indent-offset 4 indent-tabs-mode nil - - vim fileencoding utf-8 tabstop 4 expandtab shiftwidth 4 C COPYRIGHT Preston Landers 2010 Released under the same license as Python 2.6.5 import sys, os, traceback, types def isUserAdmin if os.name 'nt' import ctypes WARNING requires Windows XP SP2 or higher try return ctypes.windll.shell32.IsUserAnAdmin except traceback.print_exc print Admin check failed, assuming not an admin. return False elif os.name 'posix' Check for root on Posix return os.getuid 0 else raise RuntimeError, Unsupported operating system for this module pourcentss pourcents os.name, def runAsAdmin cmdLine None, wait True if os.name 'nt' raise RuntimeError, This function is only implemented on Windows. import win32api, win32con, win32event, win32process from win32com.shell.shell import ShellExecuteEx from win32com.shell import shellcon python_exe sys.executable if cmdLine is None cmdLine python_exe sys.argv elif type cmdLine not in types.TupleType,types.ListType raise ValueError, cmdLine is not a sequence. cmd ' pourcentss ' pourcents cmdLine 0 , XXX TODO isn't there a function or something we can call to massage command line params params .join ' pourcentss ' pourcents x, for x in cmdLine 1 cmdDir '' showCmd win32con.SW_SHOWNORMAL showCmd win32con.SW_HIDE lpVerb 'runas' causes UAC elevation prompt. print Running , cmd, params ShellExecute doesn't seem to allow us to fetch the PID or handle of the process, so we can't get anything useful from it. Therefore the more complex ShellExecuteEx must be used. procHandle win32api.ShellExecute 0, lpVerb, cmd, params, cmdDir, showCmd procInfo ShellExecuteEx nShow showCmd, fMask shellcon.SEE_MASK_NOCLOSEPROCESS, lpVerb lpVerb, lpFile cmd, lpParameters params if wait procHandle procInfo 'hProcess' obj win32event.WaitForSingleObject procHandle, win32event.INFINITE rc win32process.GetExitCodeProcess procHandle print Process handle pourcentss returned code pourcentss pourcents procHandle, rc else rc None return rc if __name__ main__ sys.exit test Now there is a lot of code here to get through to understand whats going on here. Let's break it down in chunks import sys, os, traceback, types Here we importing 4 libraries needed for the admin class to work sys, os, traceback and types. Next we are gong to define the first function the admin class provides, the 'isUserAdmin' function. def isUserAdmin if os.name 'nt' import ctypes WARNING requires Windows XP SP2 or higher try return ctypes.windll.shell32.IsUserAnAdmin except traceback.print_exc print Admin check failed, assuming not an admin. return False elif os.name 'posix' Check for root on Posix return os.getuid 0 else raise RuntimeError, Unsupported operating system for this module pourcentss pourcents os.name, The first thing we are doing is determining what operating system our program is running by checking the contents of the variable 'name' from the os library we imported in the first line. We are testing to see if the operating system name is defined as 'nt' which means windows. To see the full list of operating system name returned go here https docs.python.org 2 library os.html os.name If we are running under windows we are going to import another library for called 'ctypes' via the import ctypes line. The ctypes library is going to give us access to several windows internal functions, but it can do way more than that. These functions that we will call are made available from the windows api also called the win32 api its running to let programmers request information about the windows session they are currently running under. To learn more about the ctypes library go here https docs.python.org 2 library ctypes.html highlight ctypes module-ctypes Next we see a new python conditional called 'try' and 'except'. This will allow us to to attempt to execute a function and in the event that it returns a failure we can define how to handle the error. Our try line is calling the following function ctypes.windll.shell32.IsUserAnAdmin , for more information about this win32 api function go here https msdn.microsoft.com en-us library windows desktop bb776463pourcents28v vs.85pourcents29.aspx. Look at what we are doing with the ctypes library to call this function. We are using ctypes to call the win32 api through windll which is then calling shell32 to call the IsUserAnAdmin function. Using this syntax we can call any other shell32 function of which their are many For a much longer read on the shell32 library go here https msdn.microsoft.com en-us library windows desktop bb773177 v vs.85 .aspx Now if we are running as administrator our code will return true. If we are not then the except clause will be called and we will print to the console that we are not running as administrator and then return false. The next elif or 'else if' will check to see if we are running on a 'posix' operating system. Posix should return for most unix operating systems such as BSD, OSX and Linux. If we are running under a Posix operating system we will check to see if we are running as root or uid 0 and then return truse or false. Otherwise we have an 'else' operator at the end stating we don't know how to handle any non windows non posix operating system. We are now done with this function Let's move on to the next function def runAsAdmin cmdLine None, wait True if os.name 'nt' raise RuntimeError, This function is only implemented on Windows. import win32api, win32con, win32event, win32process from win32com.shell.shell import ShellExecuteEx from win32com.shell import shellcon python_exe sys.executable if cmdLine is None cmdLine python_exe sys.argv elif type cmdLine not in types.TupleType,types.ListType raise ValueError, cmdLine is not a sequence. cmd ' pourcentss ' pourcents cmdLine 0 , XXX TODO isn't there a function or something we can call to massage command line params params .join ' pourcentss ' pourcents x, for x in cmdLine 1 cmdDir '' showCmd win32con.SW_SHOWNORMAL showCmd win32con.SW_HIDE lpVerb 'runas' causes UAC elevation prompt. print Running , cmd, params ShellExecute doesn't seem to allow us to fetch the PID or handle of the process, so we can't get anything useful from it. Therefore the more complex ShellExecuteEx must be used. procHandle win32api.ShellExecute 0, lpVerb, cmd, params, cmdDir, showCmd procInfo ShellExecuteEx nShow showCmd, fMask shellcon.SEE_MASK_NOCLOSEPROCESS, lpVerb lpVerb, lpFile cmd, lpParameters params if wait procHandle procInfo 'hProcess' obj win32event.WaitForSingleObject procHandle, win32event.INFINITE rc win32process.GetExitCodeProcess procHandle print Process handle pourcentss returned code pourcentss pourcents procHandle, rc else rc None return rc This is not a short function so let's break it down in chinks again. Our function is being defined here with two variables cmdLine and wait. These two variables are being given default values in case no value was passed in. In other words if we called this function with a specific cmdLine variable then the function would accept it, otherwise if no such variable is passed in as we are doing in our program then it will use the default value of None. Next we make sure that we are running under Windows as this function won't work on another operating system as its currently written. We do this with a check to os.name again with the condition or not equals. If our operating system is not windows returned as nt here then the function will raise an error stating it won't work Next we need import more libraries We are importing win32api, win32con, win32event, win32process libraries in order to start this up. From these libraries we are importing two functions into our local namespace. Importing into out local namespace means we don't have to call it with the full library path, instead we can call it by function name alone. We bringing in ShellExecuteEx and shellcon into our local namespace. Now its time to figure out what process we are going to run as administrator with the following line, python_exe sys.executable. We are assigning the name of the currently running python script from sys.executable to the variable python_exe. Let's look at the next chunk of code if cmdLine is None cmdLine python_exe sys.argv elif type cmdLine not in types.TupleType,types.ListType raise ValueError, cmdLine is not a sequence. cmd ' pourcentss ' pourcents cmdLine 0 , If we didn't pass in a valueto cmdLine and its default value of 'None' is applied than we will update the cmdLine variable to be the name of our executable that we capture prior and the command line arguments passed into our currently running script via the sys provided variable argv. If our cmdLine variable contains a value we passed in but it is not a list a series of values in an array then we throw an error. Lastly if neither applies, meaning a value was supplied and it is a list type variable then we assign it to our cmd to execute. This is followed by params .join ' pourcentss ' pourcents x, for x in cmdLine 1 cmdDir '' Where we are joining all the command line arguments into a variable called params and defining the directory we want our program to run in to be the directory our program is currently running from. Next we set the option of whether to show the console window of the running application. If this was a GUI program we would want to hide this, but since this is currently a command line program we want to show it. We are using the win32con library constants SW_SHOWNORMAL and SW_HIDE to set that value which will be pass into the administrative process we create. showCmd win32con.SW_SHOWNORMAL showCmd win32con.SW_HIDE Next we need to make sure we set the right flag for an elevated process if we are in a UAC aware environment lpVerb 'runas' causes UAC elevation prompt. by setting the lpVerb variable equal to runas. Now we are ready to create our administrative process using the ShellExecuteEx command and passing in all the variables we set in the lines prior. We store the resulting process id in a variable named procInfo. We are passing one additional constant value here from shellcon, SEE_MASK_NOCLOSEPROCESS to make sure our parent process does not exit here. procInfo ShellExecuteEx nShow showCmd, fMask shellcon.SEE_MASK_NOCLOSEPROCESS, lpVerb lpVerb, lpFile cmd, lpParameters params For more information on the ShellExecuteEx function go here http www.pinvoke.net default.aspx shell32 ShellExecuteEx.html Lastly we need to check if we passed in a wait flag true or false if wait procHandle procInfo 'hProcess' obj win32event.WaitForSingleObject procHandle, win32event.INFINITE rc win32process.GetExitCodeProcess procHandle print Process handle pourcentss returned code pourcentss pourcents procHandle, rc else rc None return rc If wait is true, which is by default, then we will wait for our administrative execution to finish and then we set the variable rc to exit code of the administrative process. If we are not waiting to get the return state then we set rc to the value None. Lastly we return the value of the variable rc to the program that called this function to begin with. Lastly we have a default constructor if __name__ main__ sys.exit test That was a lot to get through But now that we have it we can reuse it every time we want to make sure our executable runs as administrator rather than having to restart it manually ourselves. If you notice in my code I put an exit after the administrative process returns, this is because if we let our script continue to run in the original non administrative process it will throw an error and likely just confuse the user. If you want to grab these two files do it from the series github dfirwizard-v4.py https github.com dlcowen dfirwizard blob master dfirwizard-v4.py admin.py https github.com dlcowen dfirwizard blob master admin.py In the next part we will access an E01 image

Les mots clés de la revue de presse pour cet article : python
Les videos sur SecuObs pour les mots clés : python
Les éléments de la revue Twitter pour les mots clé : python



AddThis Social Bookmark Widget



Les derniers articles du site "Hacking Exposed Computer Forensics Blog" :

- Automating DFIR - How to series on programming libtsk with python Part 10
- Automating DFIR - How to series on programming libtsk with python Part 9
- Forensic Lunch 2 27 15 - Ben LeMere, Lee Whitfield and Robin Keir
- Automating DFIR - How to series on programming libtsk with python Part 8
- Automating DFIR - How to series on programming libtsk with python Part 7
- Automating DFIR - How to series on programming libtsk with python Part 6
- Automating DFIR - How to series on programming libtsk with python Part 5
- Automating DFIR - How to series on programming libtsk with python Part 4
- Automating DFIR - How to series on programming libtsk with python Part 3
- Automating DFIR - How to series on programming libtsk with python Part 2




S'abonner au fil RSS global de la revue de presse

Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]



Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.190.17.190 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.190.17.190 to any 80"
- Nous contacter par mail




SecuToolBox :

Mini-Tagwall des articles publiés sur SecuObs :

Mini-Tagwall de l'annuaire video :

Mini-Tagwall des articles de la revue de presse :

Mini-Tagwall des Tweets de la revue Twitter :