Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-22 20:53:37 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/forensics/basic-forensic-methodology
History
Translator 9c3c278c11 Translated ['binary-exploitation/rop-return-oriented-programing/ret2lib/
2024-05-02 15:14:31 +00:00
..
memory-dump-analysis Translated to Swahili 2024-02-11 02:13:58 +00:00
partitions-file-systems-carving Translated ['forensics/basic-forensic-methodology/partitions-file-system 2024-03-26 15:53:40 +00:00
pcap-inspection Translated ['crypto-and-stego/hash-length-extension-attack.md', 'forensi 2024-04-18 03:38:36 +00:00
specific-software-file-type-tricks Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-29 21:14:28 +00:00
windows-forensics Translated ['binary-exploitation/rop-return-oriented-programing/ret2lib/ 2024-05-02 15:14:31 +00:00
anti-forensic-techniques.md Translated ['binary-exploitation/rop-return-oriented-programing/ret2lib/ 2024-05-02 15:14:31 +00:00
docker-forensics.md Translated to Swahili 2024-02-11 02:13:58 +00:00
file-integrity-monitoring.md Translated to Swahili 2024-02-11 02:13:58 +00:00
linux-forensics.md Translated ['forensics/basic-forensic-methodology/linux-forensics.md'] t 2024-04-01 21:17:42 +00:00
malware-analysis.md Translated to Swahili 2024-02-11 02:13:58 +00:00
README.md Translated to Swahili 2024-02-11 02:13:58 +00:00

README.md

Mbinu Msingi za Uchunguzi wa Kiforensiki

Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)!

Kuunda na Kufunga Picha

{% content-ref url="../../generic-methodologies-and-resources/basic-forensic-methodology/image-acquisition-and-mount.md" %} image-acquisition-and-mount.md {% endcontent-ref %}

Uchambuzi wa Programu Hasidi

Hii siyo hatua ya kwanza inayofaa kufanywa mara baada ya kupata picha. Lakini unaweza kutumia mbinu hizi za uchambuzi wa programu hasidi kwa uhuru ikiwa una faili, picha ya mfumo wa faili, picha ya kumbukumbu, pcap... kwa hivyo ni vizuri kuzingatia hatua hizi:

{% content-ref url="malware-analysis.md" %} malware-analysis.md {% endcontent-ref %}

Ukaguzi wa Picha

Ikiwa umepewa picha ya kiforensiki ya kifaa, unaweza kuanza uchambuzi wa sehemu, mfumo wa faili uliotumika na kurejesha faili za kuvutia (hata zile zilizofutwa). Jifunze jinsi ya kufanya hivyo katika:

{% content-ref url="partitions-file-systems-carving/" %} partitions-file-systems-carving {% endcontent-ref %}

Kulingana na mfumo wa uendeshaji uliotumika na hata jukwaa tofauti, alama za kuvutia zinapaswa kutafutwa:

{% content-ref url="windows-forensics/" %} windows-forensics {% endcontent-ref %}

{% content-ref url="linux-forensics.md" %} linux-forensics.md {% endcontent-ref %}

{% content-ref url="docker-forensics.md" %} docker-forensics.md {% endcontent-ref %}

Ukaguzi Mpana wa Aina Maalum za Faili na Programu

Ikiwa una faili tatanishi sana, basi kulingana na aina ya faili na programu iliyounda, mbinu kadhaa zinaweza kuwa na manufaa.
Soma ukurasa ufuatao ili kujifunza mbinu za kuvutia:

{% content-ref url="specific-software-file-type-tricks/" %} specific-software-file-type-tricks {% endcontent-ref %}

Nataka kutoa maelezo maalum kwa ukurasa:

{% content-ref url="specific-software-file-type-tricks/browser-artifacts.md" %} browser-artifacts.md {% endcontent-ref %}

Ukaguzi wa Kumbukumbu ya Mwendo

{% content-ref url="memory-dump-analysis/" %} memory-dump-analysis {% endcontent-ref %}

Ukaguzi wa Pcap

{% content-ref url="pcap-inspection/" %} pcap-inspection {% endcontent-ref %}

Mbinu za Kuzuia Uchunguzi wa Kiforensiki

Kumbuka matumizi yanayowezekana ya mbinu za kuzuia uchunguzi wa kiforensiki:

{% content-ref url="anti-forensic-techniques.md" %} anti-forensic-techniques.md {% endcontent-ref %}

Uwindaji wa Tishio

{% content-ref url="file-integrity-monitoring.md" %} file-integrity-monitoring.md {% endcontent-ref %}

Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)!