cylab.be
Cyber Defence Lab
Fighting cyber threats through research and education
Velociraptor : hunt malwares as a pack
Velociraptor is a digital forensics and incident response tool that lets you collect information from multiple endpoints at once and easily analyze the collected data using Notebooks and a query language (called Velociraptor Query Language, VQL), which is very similar to SQL. This makes Velociraptor a valuable tool for threat hunting over a large network.
Explore the SAM hive with Regedit (and Sysinternals)
The Windows Registry is a kind of database that stores a lot of important configuration parameters for Windows and installed applications. What is particular about this database is that the data is actually stored in different files called hives. One of these is the SAM (Security Account Manager) hive, which stores, among other things, user passwords. Let's explore this hive a little...
Install Sysinternals
Sysinternals is a collection of powerful utilities for Windows. They can be used by system administrators to perform local or remote system administration, and also by analysts to perform some forensic tasks. The tools were originally developed by Mark Russinovich, and are now maintained by Microsoft. Here is how to install them...