hash


Understand Microsoft Authentication

When users log in to a Windows PC, a series of steps is performed for user authentication. The Windows OS authenticates its users with the help of 3 mechanisms (protocols) provided by Microsoft. SAM database: Windows uses the SAM information to manage user accounts and passwords in hashed format (one-way hash). The system doesn't store the passwords in plaintext format; instead, it stores them in hashed format in …


Password Cracking Techniques

This article explains different types of password cracking techniques and tools. There are three popular techniques for password cracking. Method 1: Dictionary Attacks. In a dictionary attack, a dictionary file is loaded into the cracking application that runs against user accounts. A dictionary is a text file that contains a number of dictionary words or predetermined character combinations. The program uses every word present in the dictionary to find the password. …


Understand Acquiring RAID Disks

Acquiring RAID disks may be challenging for forensic examiners due to the RAID system design, configuration, and size. The greatest concern is the size of the RAID system, as many systems are growing into many terabytes of data. Copying small RAID systems to one large disk is possible with the availability of larger disks. Investigators should use a proprietary format acquisition with compression to store more data in small storage capacities. Acquiring RAID Disks …


Understand Linux Standard Tools

Forensic investigators use the built-in Linux command dd to copy data from a disk drive. This command can create a bit-stream disk-to-disk copy and a disk-to-image file. It can copy any disk data that Linux can mount and access. Forensic tools like AccessData FTK and ILook can read dd image files. In Linux, the advantage of the dd command is its independence from any additional computer resources. The dd command …


Duplicate the Data & Recover Data Lost

This article explains how evidence data should be duplicated and recovered during an investigation, and which software is used for data recovery. Duplicate the Data (Imaging): Performing the investigation on the original evidence can misdirect the investigation to different results and could make the original evidence vulnerable. Data duplication is an important step in securing the original evidence. Investigating the original evidence can cause damage to the identity …


What is Pyramid of Pain? & Its Types

Not all IoCs are created with the same value, as some hold much more importance in comparison to other IoCs. The Pyramid of Pain represents the types of indicators that the analyst must look out for to detect the activities of an adversary, as well as the amount of pain that the adversary needs to adapt to pivot and continue with the attack even when the indicators at each level …


An Overview of Knowledge Acquisition

Knowledge acquisition is the initial proactive step in the forensic investigation method. The aim of forensic information acquisition is to extract the information present on the victim's fixed disk and build a forensic copy to use as proof in court. In some cases, information duplication is preferred rather than information acquisition to gather the information. First, investigators can even present the duplicated data in court. This section …
