
hiddenillusion.blogspot.com
:: hiddenillusion ::see what others can't...
http://hiddenillusion.blogspot.com/
Today's rating: >1,000,000
Highest traffic on: Wednesday
Load time: 0.5 seconds (0.496 sec)
Pages in this website: 19
External links: 39
Site IP: 172.217.164.97
Score: 6.2
:: hiddenillusion :: | hiddenillusion.blogspot.com Reviews
https://hiddenillusion.blogspot.com
see what others can't...
:: hiddenillusion ::: Rewriting/anonymizing artifacts
http://hiddenillusion.blogspot.com/2014/04/rewritinganonymizing-artifacts.html
See what others can't. Friday, April 18, 2014. This has been ported over to my GitHub site and is no longer being maintained here. For any issues, comments or updates head here. Have you ever had the need to anonymize or rewrite some data in an artifact for a blog post, paper, presentation, interview etc? What were the artifacts, what were the requirements and how did you go about tackling the situation at hand? If you’re unfamiliar with it then I suggest poking around with it - volshell gives you...
:: hiddenillusion ::: AnalyzePDF - Bringing the Dirt Up to the Surface
http://hiddenillusion.blogspot.com/2013/12/analyzepdf-bringing-dirt-up-to-surface.html
See what others can't. Tuesday, December 3, 2013. AnalyzePDF - Bringing the Dirt Up to the Surface. This has been ported over to my GitHub site and is no longer being maintained here. For any issues, comments or updates head here. What is that thing they call a PDF? The Portable Document Format (PDF) is an old format ... it was created by Adobe back in 1993 as an open standard but wasn't officially released as an open standard (ISO 32000-1) until 2008 - right @nullandnull. Do you open it or not? We might ...
:: hiddenillusion ::: Getting what you want out of a PDF with REMnux
http://hiddenillusion.blogspot.com/2012/06/getting-what-you-want-out-of-pdf-with.html
See what others can't. Thursday, June 21, 2012. Getting what you want out of a PDF with REMnux. This has been ported over to my GitHub site and is no longer being maintained here. For any issues, comments or updates head here. I was talking recently with. I know there's a wealth of write ups for analyzing PDF's but only a handful are solely done in REMnux. One of the first things I run on any file I'm analyzing is ' hachoir-subfile. Which can provide you an easy to view overview of the PDF:. From the Or...
:: hiddenillusion ::: YARA + Volatility ... the beginning
http://hiddenillusion.blogspot.com/2012/04/yara-volatility-beginning.html
See what others can't. Thursday, April 19, 2012. YARA + Volatility ... the beginning. This has been ported over to my GitHub site and is no longer being maintained here. For any issues, comments or updates head here. YARA - the sleeping giant. There's been mention of it over the last few years but as far as adoption - I think it's still lacking in the tool set of many analysts. I personally like to leverage YARA on its own, within pescanner. And most definitely within volatility's malfind. The use of the 'i...
:: hiddenillusion ::: SWF-ing away
http://hiddenillusion.blogspot.com/2012/09/swf-ing-away.html
See what others can't. Wednesday, September 19, 2012. This has been ported over to my GitHub site and is no longer being maintained here. For any issues, comments or updates head here. There's been quite a bit of chatter lately with the recent discovery. Of the latest IE 0-day. While reading through one of the other researchers' posts. With the addition of another user posting a decompiled version of the ActionScript. I was looking at I decided to give a quick look into this referenced script. This initi...
TOTAL PAGES IN THIS WEBSITE
19
Sploited: SANS Forensic Artifact 1: Open/Save MRU
http://sploited.blogspot.com/2012/10/sans-forensic-artifact-1-opensave-mru.html
Wednesday, 10 October 2012. SANS Forensic Artifact 1: Open/Save MRU. As most of you would have seen by now SANS posted a fantastic forensic poster. For everybody to use which will "map a specific artifact to the analysis question that it will help to answer". Basically what that means is that SANS have 8 categories used to determine an analysis question. "Was the file opened? SANS lists the following information within the poster. Called SANS ForensicArtifact1 MRU 1.txt and SANS ForensicArtifact1 MRU...
Sploited: SANS Forensic Artifact 6: UserAssist
http://sploited.blogspot.com/2012/12/sans-forensic-artifact-6-userassist.html
Thursday, 27 December 2012. SANS Forensic Artifact 6: UserAssist. I'm a little late to say this but firstly Happy Christmas to my readers out there. I've been fortunate enough to have a little time off but still find myself working the Christmas / New Year period. I hope some of you have more time off and can catch up on some of those tasks you've been avoiding. For today we're moving onto the new category. GUI-based programs launched from the desktop are tracked in the launcher on a Windows System.
TekDefense - News - Memory Forensics presentation from BSidesNola
http://www.tekdefense.com/news/2014/5/29/memory-forensics-presentation-from-bsidesnola.html
Network Challenge - 001 - Solution. Network Challenge - 001 - Linux. Automater Update .21. BSidesNola 2015 Presentation on Honeypots. Over a year with Kippo. Automater version 2.1 released - Proxy capabilities and a little user-agent modification. Memory Forensics presentation from BSidesNola. Analyzing DarkComet in Memory. Automater Output Format and Modifications. « Automater version 2.1 released - Proxy capabilities and a little user-agent modification. Categorizing Maltrieve Output ». Use this a...
4n6k: About
http://www.4n6k.com/p/about.html
TL;DR: I enjoy doing research and writing about it. More details on LinkedIn. I've taken up the task of learning as much as possible about digital forensics on my own time. My particular focus and interest lie within behavioral analysis of user activity/malware artifacts. Discovering the process by which a user interacts with a computer could be a key determinant in the prosecution or defense of a guilty or innocent individual - I'd say that's a pretty big deal, wouldn't you? Add me on LinkedIn. Registry...
4n6k: Posts
http://www.4n6k.com/p/forensic-posts.html
Shellbags Forensics: Addressing a Misconception. Interpretation, step-by-step testing, new findings, and more). Timelines, interpretation, testing, and more). Jump List Forensics: AppIDs Part 1. Jump List Forensics: AppIDs Part 2. Jump List Forensics: AppID Master List (400 AppIDs). Forensics Quickie: PowerShell Versions and the Registry. Forensics Quickie: NTUSER.DAT Analysis (SANS CEIC 2015 Challenge #1 Write-Up). Forensics Quickie: Merging VMDKs and Delta/Snapshot Files (2 Solutions). Possible Unknown...
4n6k: January 2012
http://www.4n6k.com/2012_01_01_archive.html
Sunday, January 8, 2012. Forensics Quickie: Recovering Deleted Files With Scalpel (.CR2 Photos). These posts will consist of small tidbits of useful information that can be explained very succinctly. SD card was accidentally formatted; RAW photos in .cr2 format from a Canon Rebel T3 needed to be recovered. Boot up a Linux VM (I chose Ubuntu) and install Scalpel with: sudo apt-get install scalpel. Check to see if the required filetype signature is supported by Scalpel by default: Links to this post.
4n6k: August 2014
http://www.4n6k.com/2014_08_01_archive.html
Tuesday, August 26, 2014. Forensic FOSS: 4n6k volatility installer.sh - Install Volatility For Linux Automatically. These posts will consist of open source software for use in everyday forensic investigations. Of this project by @wzod. 4n6k volatility installer.sh. Is a bash script that installs Volatility 2.4 (and all dependencies) for Ubuntu Linux with one command. Why Do I Need It? An internet connection and an APT-based Linux distribution [for the time being]. This script has been tested on stock...
4n6k: February 2012
http://www.4n6k.com/2012_02_01_archive.html
Friday, February 24, 2012. Forensics Quickie: Extracting Unallocated Space with The Sleuth Kit. These posts will consist of small tidbits of useful information that can be explained very succinctly. You'd like to do a keyword search - not only within user documents, but within deleted items, as well. We will need to extract unallocated space, first and foremost. Boot up a Linux VM (I chose Ubuntu) and install The Sleuth Kit: sudo apt-get install sleuthkit. sudo apt-get install xmount. 1 The Sleuth Kit.
4n6k: Forensics Quickie: Verifying Program Behavior Using Source Code
http://www.4n6k.com/2014/03/forensics-quickie-verifying-program.html
Saturday, March 29, 2014. Forensics Quickie: Verifying Program Behavior Using Source Code. These posts will consist of small tidbits of useful information that can be explained very succinctly. How are Firefox profile directory names generated? The Answer (and the road to get there). The Firefox 'Profiles' folder showing the directory for the profile named "default.". In the 'Run...' dialog (Windows key + R). We can confirm that there is only one profile and it is named "default.". Great We can actually see ...
4n6k: Forensics Quickie: Merging VMDKs & Delta/Snapshot Files (2 Solutions)
http://www.4n6k.com/2014/04/forensics-quickie-merging-vmdks.html
Wednesday, April 16, 2014. Forensics Quickie: Merging VMDKs and Delta/Snapshot Files (2 Solutions). These posts will consist of small tidbits of useful information that can be explained very succinctly. I had a VM that was suspended. I needed to see the most recent version of the filesystem. Upon mounting the base .vmdk file, I was presented with the filesystem that existed before. The snapshot was taken. Turns out I ran into a similar problem before... see my post on Mounting Split VMDKs. As mentioned, I n...
TOTAL LINKS TO THIS WEBSITE
39
hiddenidentityproject.wordpress.com
hidden identity project | the Italian – Chinese community in Prato
The Italian – Chinese community in Prato. Space, place and identity. My presentation at the 20th International Humanitarian Conference in Geneva. February 26, 2015. Hidden identity – a video. September 15, 2014. A video realized by our Webster students Lucas Bullens and Thoraya Binzagr. 2014 Webster University Geneva Research Symposium. April 1, 2014. Francesco Arese Visconti presenting his project on Chinese-Italian cultural integration at the 2014 Webster University Geneva Research Symposium. 同年 的 你 我 ...
Hidden Idol - Show your talents
Chennai 2015 Bharatanatyam Contest Channel. Preveena's Mandhi . Pushpanjali - Nik . Manthara - Nikita . Chennai 2014 Award Show. London 2014 - Classical Participant Entries. 3 Bharatanatyam v . London - Bharatanatyam Contest August 2014. Founder - Hiddeni . Participant 11 - . Founder - Hiddeni . London - Bharatanatyam Participant Entries August 2014. Sundaresan's Danc . Hiddenidol Fan - See what she has to say. Hiddenidol Fan - See what she has to say. 4 days ago by Hiddenidol1. 7 days ago by Hiddenidol1.
hiddenidols.com - hiddenidols Resources and Information.
This webpage was generated by the domain owner using Sedo Domain Parking. Disclaimer: Sedo maintains no relationship with third party advertisers. Reference to any specific service or trade mark is not controlled by Sedo nor does it constitute or imply its association, endorsement or recommendation.
Hidden idol | Show Your Talent
TalentTrove If You Have a Talent, Get Spotted Here. Posted October 10, 2013 by HiddenIdol.com. Be the first to comment. http://hiddenidol.com/ Show your talent Now! Posted October 9, 2013 by HiddenIdol.com. Be the first to comment. Show your Hidden Talent. Posted October 3, 2013 by HiddenIdol.com. Welcome to the HiddenIdol. Be the first to comment. Posted October 2, 2013 by HiddenIdol.com. There are two principal ballroom styles: International. American style dancing also requires a fairly large dance fl...
Home | Hidde Nijland Stichting
Dr Ir H.A. Hidde Nijland. Inventor, designer and manufacturer. The person behind the designer. Miss Elsa Hidde Nijland on her father. Welcome to the website of the Hidde Nijland Stichting. The Hidde Nijland Stichting is committed to promoting everything that, in the judgement of the Board, can contribute to the development of science and education in the field of electrical engineering, in particular heavy-current engineering at the Technische Hogeschool Delft, in the broadest sense.
:: hiddenillusion ::
See what others can't. Friday, April 18, 2014. This has been ported over to my GitHub site and is no longer being maintained here. For any issues, comments or updates head here. Have you ever had the need to anonymize or rewrite some data in an artifact for a blog post, paper, presentation, interview etc? What were the artifacts, what were the requirements and how did you go about tackling the situation at hand? If you’re unfamiliar with it then I suggest poking around with it - volshell gives you...
:: hiddenillusion :: · ... look beyond
The thoughts of a geek, forensicator, researcher and traveler. My crime is being curious. 12 mins to read. If you’re reading this then I’m sure you’re aware of what Prefetch on a Windows system is so I won’t bore you with a recap. Instead, I’d rather touch upon a different view of Prefetch and how I’ve leveraged it in non-traditional ways during my forensicating. Occasionally I’ve come. 13 mins to read. I’ve had to do this a few. Bruteforcing XOR with YARA. 14 mins to read. 27 mins to read. I attended bo...
SERENAAA'S ABODE | a constellation of imperfect perfections
Doorway to my dreams. A constellation of imperfect perfections. If we see one another next to never, how can we say forever. Published May 26, 2013. So much has happened since I last posted. Something very unpleasant happened but since it’s been rectified I don’t think I want to dwell or recall it. And the best part? I got to do the make up for my EC. He’s so pretty, my. Plus I find his Cantonese (he’s from Hong Kong) solo part charming as hell. You pick me up, you fix me up. Published May 14, 2013.
Hidden Image Hairdressing - Make the Change!
Hairdressing at its Best. Finding a hairdresser you trust is not easy. WE UNDERSTAND and WE CAN HELP! Stunning changes we have created previously. All you need to know about looking your best on your big day. How to Find Us. Where is Hidden Image Hairdressing. Hidden Image Hairdressing: Shop 18, Max Murray Mall, Cnr of Park Ave and Gordon St, Coffs Harbour NSW.
hiddenimagemusic.wordpress.com
Hidden Image
It is a pleasure to announce the reformation and return of Hidden Image in 2017. Watch this space for more news coming soon…. John, Arun and Neil. Hidden Image. September 2007-January 2012. I remember writing that first song with Arun like it was last week. Sat cross-legged on my bedroom floor in Guildford, Arun playing what has now become his trademark style, me mumbling over some words and the realisation that we could write songs together (or at least attempt to! In no particular order:. A change from ...
hiddenimagery