


⛔️ Spoiler alert! Case Details This is not an investigation like the previous one. This is threat hunting.


⛔️ Spoiler alert! Case Details Artefacts in possession: memory dump, OS event logs, registry files, Prefetch files, $MFT file, ShimCache, AmCache, network traffic dumps.

Once There Lived Admin

Hey, ps! Would you like to hear a fairy tale? I am sure that you do!

Diffie-Hellman Key Exchange

I’ve written this article while I was untangling RSA and Diffie-Hellman inside my head. What I need to stress right here, in the article description, is the main difference between them: Diffie-Hellman is NOT an encryption algorithm!


To my utter embarrassment I had to admit that I’ve recently realized I didn’t remember how RSA worked….

Mutable vs Immutable

>>> import ctypes
>>> a = 5
>>> address = id(a)
>>> address
4307917216
>>> ctypes.