Overview
Explore anti-forensics techniques in this 51-minute conference talk from BruCON Security Conference. The talk covers Windows VM recall, Linux commands, LiME and Volatility setup, and Android forensics. Learn about memory acquisition, cross-compilation, and using netcat for database pulls. Discover techniques for evidence manipulation, including encryption, decryption, and Bluetooth exploitation. Gain insights into hardware implants, credential extraction, and CTF challenges. Examine file system manipulation, device unlocking, and SD card forensics. Build practical skills useful to both offensive and defensive security professionals interested in understanding and countering anti-forensics methods.
Syllabus
Intro
Overview
Windows VM
Recall
Linux Commands
LiME Setup
Volatility Setup
Running grep
Grafting
Android Stuff
Acquisition
Requirements
Memory
CrossCompile
Netcat
DB Pull
Goat Simulator
Using Encryption
Evidence
Kill Chain
Decrypt
Bluetooth
Duck the Police
Deploy Hardware Implants
creds easy mode
CTF time
CTF rules
Adding your name
File format
Lost and Found
Challenge
Overwrite
Mount
Lock Switch
Card Removal
SD Cards
Firmware
SDTool
Unlock Device
SD Tool
TLDR
Taught by
BruCON Security Conference