InfoSec Write-ups

Advent of Cyber 4 writeup: A case study in digital forensics and incident response

Aleksey
Published in InfoSec Write-ups
15 min read · Dec 26, 2022


Digital forensics and incident response, a term which is typically shortened to “DFIR,” is a necessary process for any organisation that wants to keep its computer systems, along with the data stored in them, safe. Malicious hackers who have enough motivation will eventually find a way to hack into a target computer system — sometimes even when the computer system in question is not connected to the internet (Berghel 2015; Greenberg 2018; Fino 2021). In this article, I will discuss my experience working out DFIR problems regarding a fictional case.

Some image components from: Miraculous Ladybug (2022) and “kuraxmasha” (n.d.).

Contents at a glance

  1. Background
  2. Procedure
  3. Discussion
  4. Conclusion
  5. References

Background

Digital forensics can be defined as “the use of scientifically derived and [empirically demonstrated] methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from digital sources, […]” (Reith 2022), and incident response can be defined as “an organized approach to addressing and managing the aftermath of a security breach or cyberattack” (Chai et al. c.a. 2022). One can infer that…
