Cybersecurity Tools: DFIR Distros (SIFT, Tsurugi, CSI Linux)

  • Published 28 Jan 2025

COMMENTS •

  • @joshuaspeshock4636
    @joshuaspeshock4636 1 year ago +2

    Great video! Really advantageous to be comfortable with using virtual machines suited for different scenarios such as malware analysis or DFIR. Plus, the resources being open source and free to tinker with is hugely advantageous. Very important to be exposed to this really beneficial information and be able to know which tools or distros are the best for different types of investigations etc. Really great demo of each of the distros and commentary. Fantastic work!

    • @MyDFIR
      @MyDFIR  1 year ago +1

      Agreed! Thanks for watching!

  • @moneyman2595
    @moneyman2595 1 year ago +1

    Love all your videos, they have been a great help!

    • @MyDFIR
      @MyDFIR  1 year ago

      Happy to help!

  • @ScottPlude
    @ScottPlude 8 months ago

    I just stumbled onto your channel. GREAT content, I hope your channel grows!

    • @MyDFIR
      @MyDFIR  8 months ago

      I appreciate that!

  • @thefrub
    @thefrub 1 year ago

    Thank you for making this, this is some top tier info that you'd have to pay $5,000 at SANS to hear about

    • @MyDFIR
      @MyDFIR  1 year ago

      Thank you for watching!

  • @mrehank8556
    @mrehank8556 1 year ago

    Please suggest which one to use for a student who wants to start DFIR

    • @MyDFIR
      @MyDFIR  1 year ago

      Can't go wrong with either but SANS SIFT tends to be the more popular choice. I would recommend you use that.

    • @mrehank8556
      @mrehank8556 1 year ago

      @MyDFIR thanks

    • @RochyyRd
      @RochyyRd 9 months ago

      Thanks from the Dominican Republic

  • @DeathTrick101
    @DeathTrick101 1 year ago

    Interesting, I don't know anything about cybersecurity and don't even work in the field. Is it possible to change the middle of the hash? I noticed you checked the beginning and end. Probably a stupid question, but I'm curious.

    • @MyDFIR
      @MyDFIR  1 year ago +2

      That is a great question! A hash is an algorithm that takes the file and outputs a fixed length string after its calculations. It is highly unlikely that the middle of the hash would change if I am comparing 2 presumably identical files.
      One single modification to a file (not the filename itself but the contents) would change the hash completely (including beginning and end) - this is why I only checked the beginning and end.
      Hopefully that makes sense!

    • @DeathTrick101
      @DeathTrick101 1 year ago

      That does make sense, thank you for your reply :) @MyDFIR

    • @DeathTrick101
      @DeathTrick101 1 year ago

      Actually kinda just blew my mind.
      @MyDFIR

  • @NightShooter87
    @NightShooter87 6 months ago

    Can you give one example where Linux forensics has helped in a court case? I've got CAINE and I've tried CSI Linux, but these are concepts, rather than workable ideas, and very slow. I'm thinking if I'm a defence lawyer and unbiased, my forensics wouldn't get past first step. I would love for there to be an OS where it actually worked, but I even think CAINE has taken out Autopsy in their new versions. One day maybe.

  • @Abhi_JW999
    @Abhi_JW999 1 year ago

    Hi Bro, I have been following your content, you make great videos.
    I need help with Nessus. I'm doing a lab where I'm scanning a Metasploitable machine. I'm adding its IP in Nessus, I initiate the scan, the scan finishes in 5 seconds and there are no results. Firewall is disabled, and I'm getting ping from Metasploitable to my local system and vice versa. Can you tell me what could be the reason I'm not able to scan and get the report?

    • @MyDFIR
      @MyDFIR  1 year ago

      Hey, thanks! As I do not know what/how your configurations are and assuming nothing was touched on your Metasploitable box, I would open up a packet capture tool to capture packets and see if Nessus is even hitting the box.

    • @Abhi_JW999
      @Abhi_JW999 1 year ago

      That's a good way we can test it out. Now what I did was try installing Nessus on my Linux VM and it worked!!

  • @aaddaamm2882
    @aaddaamm2882 3 months ago

    Tough day to have m1 macpro