Tag Archives: Analysis

Application

Application Analysis: Conclusion

Introduction: To close out our list of Web Apps, we finished up on Discord. It has been an interesting experience for us to work with the three diverse apps over the last semester. Our analysis on Discord brought our research to a close. Seeing several key similarities with our first application Slack, it was an […]

Continue reading
Laptop and logos for Twitter, Discord, Slack, and Dropbox

Application Analysis: The Prep

Introduction To Application Analysis The Web Application Analysis team has been assigned to examine desktop-based web applications for both Mac and PC and determine what kind of artifacts can be found from them. Thus far, the team has endeavored to analyze Discord, Dropbox, Slack, and Twitter. We have also selected several forensic tools to help […]

Continue reading
Bluetooth symbol with program code

Bluetooth Security Forensics 2.0

Bluetooth Recon Phase The Bluetooth team has been using Pwnie Express’s BlueHydra and Econocom Digital Security’s Btlejuice to gather information about the various devices we will be working with throughout the semester. The team collectively decided it was imperative to understand how these tools gather the data they report before we can begin searching for […]

Continue reading

Malware Analysis Introduction

Introduction To Malware Analysis In order to build upon work done by the LCDI’s Malware Analysis Team last semester, we are adopting Amazon Web Services. Amazon WorkSpaces will allow us to conduct malware research with the guarantee that the LCDI network will remain unaffected by any samples we choose to analyze. The Malware Team has […]

Continue reading
Mac Ram Analysis Corsair Memory

Mac Ram Analysis Introduction

INTROduction to mac ram analysis: The newest project from the LCDI is going to be accomplishing a Mac Ram analysis. Last semester, the LCDI investigated forensic artifact locations produced by user activity in Apple’s newest version of OS X, El Capitan. Those findings were then compared to our previous report on El Capitan’s predecessor, OS […]

Continue reading
Code

Volatility Malware Analysis

For the second part of our Volatility project, we wanted to determine whether or not we could find traces of malware in a system that was once put in hibernation mode. When a user puts their computer into hibernation, a hiberfil.sys file is created. If a system has malware running in the background and is then put into hibernation, we hypothesized that hiberfil.sys will have remnants of the malicious code. Continue reading