elhacker.INFO Downloads
Copyright issues contact webmaster@elhacker.info
Name Size
Parent Directory -
pa-subject1.zip 3.7G
013-Determining-if-there-was-an-incident-part8-analyzing-the-log.mp4 55M
030-First-steps-after-mounting-an-image-part2-opening-a-CSV-file-LibreOffice-Calc.mp4 54M
034-First-steps-after-mounting-an-image-part6-examining-the-timeline.mp4 52M
022-Creating-an-image-from-a-physical-drive.mp4 51M
036-First-steps-after-mounting-an-image-part8-examing-bash-history-files.mp4 48M
042-Filesystem-analysis-part2-superblocks.mp4 47M
032-First-steps-after-mounting-an-image-part4-importing-passwd-and-group-files-into-your-database.mp4 46M
046-Filesystem-forensics-part6-reading-the-superblock-with-python.mp4 45M
039-First-steps-after-mounting-an-image-part11-extracting-successful-and-unsuccessful-login-information.mp4 45M
024-Mounting-an-image-part2-using-python-to-mount-mbr-based-images.mp4 44M
027-Mounting-an-image-file-part5-GUID-partitions.mp4 43M
028-Mounting-an-image-part6-mounting-GUID-partitions-with-Python.mp4 42M
003-First-steps.mp4 40M
038-First-steps-after-loading-an-image-part10-examining-system-logs.mp4 40M
014-Live-analysis-Part1-First-Steps.mp4 40M
021-Software-write-blocking-with-udev-rules.mp4 39M
012-Determining-if-there-was-an-incident-part7-collecting-initial-data.mp4 38M
006-Determining-if-there-was-an-incident-part1.mp4 38M
041-Filesystem-analysis-part1-Ext-filesystem-basics.mp4 37M
048-Filesystem-analysis-part8-Getting-the-big-picture-by-combining-superblock-and-group-descriptor-information.mp4 37M
097-malware-part8-looking-into-program-sections-and-segments.mp4 36M
105-malware-part16-obfuscation.mp4 36M
102-malware-part13-gdb-info-functions.mp4 35M
043-Filesystem-analysis-part3-Ext-filesystem-compatible-features.mp4 35M
008-Determining-if-there-was-an-incident-part3-server-scripts.mp4 35M
103-malware-part14-running-xingyi_bindshell-in-gdb.mp4 34M
007-Determining-if-an-incident-happened-part2-Netcat.mp4 33M
033-First-steps-after-mounting-an-image-part5-creating-a-timeline-in-the-database.mp4 33M
031-First-steps-after-mounting-an-image-part3-creating-a-MySQL-database-with-file-metadata.mp4 32M
073-Analyzing-the-results-of-running-inital-scan.mp4 32M
010-Determing-if-there-was-an-incident-part5-running-scripts.mp4 32M
004-Creating-a-Linux-forensics-USB-drive-part1.mp4 31M
026-Mounting-a-disk-image-part4-automatically-mounting-an-extended-partition-with-Python.mp4 31M
051-Inodes-part2-using-Python-to-find-inodes-that-are-out-of-place.mp4 31M
044-Filesystem-analysis-part4-Ext-filesystem-incompatible-features.mp4 30M
001-Linux001w.mp4 30M
047-Filesystem-analysis-part7-reading-the-block-group-descriptors-with-python.mp4 30M
009-Determing-if-there-was-an-incident-part4-client-scripts.mp4 29M
020-Creating-a-disk-image-from-a-virtual-machine-hard-drive.mp4 29M
023-Mounting-image-files-part1-MBR-basics.mp4 29M
034-timeline.txt 28M
040-First-steps-after-mounting-an-image-part12-examining-logins.mp4 28M
035-First-steps-after-mounting-an-image-part7-extracting-user-bash-history-files.mp4 28M
078-examing-bash-histories-on-pas2.mp4 28M
069-Memory-analysis-part8-getting-filesystem-information-from-Volatility.mp4 28M
019-Disk-imaging-basics.mp4 28M
050-Inodes-part1-finding-things-that-are-out-of-place.mp4 28M
064-Memory-analysis-part3-More-about-processes.mp4 27M
059-Inodes-part10-using-Python-to-read-directories-from-inode-numbers.mp4 27M
045-Filesystem-analysis-part5-ext-filesystem-read-only-compatible-features.mp4 26M
067-Memory-analysis-part6-using-volatility-check-plugins.mp4 26M
063-Memory-analysis-part2-Getting-process-information-with-volatility.mp4 26M
011-Determing-if-there-was-an-incident-part6-what-to-collect.mp4 26M
002-Linux002-Forensic-Basics.mp4 26M
016-Live-analysis-part3-compiling-LiME.mp4 26M
029-First-steps-after-mounting-an-image-part1-building-a-timeline-as-a-CSV-file.mp4 26M
015-Live-analysis-part2-memory-acquisition-basics.mp4 25M
104-malware-part15-running-xingyi_rootshell-in-gdb.mp4 24M
101-malware-part12-gdb-disassembly.mp4 24M
058-Inodes-part9-extending-our-Python-code-to-cat-files-from-inode-numbers.mp4 24M
065-Memory-analysis-part4-Process-maps-and-dumps.mp4 23M
099-malware-part10-strace.mp4 23M
037-First-steps-after-mounting-an-image-file-part9-extracting-system-logs.mp4 22M
053-inodes-part4-using-builtin-tools-and-the-sleuth-kit-to-examine-inodes.mp4 22M
106-the-road-ahead.mp4 22M
068-Memory-analysis-part7-getting-network-information-with-Volatility.mp4 22M
066-Memory-analysis-part5-getting-bash-information-with-volatility.mp4 22M
082-pas2-filesystem-analysis-part1-webserver-logs.mp4 21M
060-Inodes-part11-Inodes-and-extended-attributes.mp4 21M
087-pas2-filesystem-analysis-part6-web-payloads.mp4 21M
072-Running-scripts-against-our-second-subject.mp4 21M
076-digging-deeper-into-suspicious-processes-on-pas2-with-Volatility.mp4 20M
057-Inodes-part8-connecting-inodes-to-filenames-directory-entries.mp4 20M
017-Live-analysis-part4-dumping-RAM-with-LiME.mp4 20M
088-pas2-filesystem-analysis-part7-packet-captures.mp4 20M
055-Inodes-part6-from-inode-to-file.mp4 19M
049-Filesystem-analysis-part9-running-our-final-script.mp4 19M
054-Inodes-part5-Inode-extensions-and-details.mp4 19M
061-Inodes-part12-using-Python-to-read-extended-attributes-from-an-image.mp4 19M
025-Mounting-image-files-part3-Extended-Partitions.mp4 18M
096-malware-part7-more-fun-with-readelf.mp4 18M
070-Memory-analysis-part9-more-filesystem-information-from-Volatility.mp4 18M
052-Inodes-part3-digging-deeper-into-inodes.mp4 18M
005-Creating-a-Linux-forensics-USBdrive-part2.mp4 17M
086-pas2-filesystem-analysis-part5-creating-a-timeline.mp4 17M
062-Memory-analysis-part1-Building-a-Volatility-profile.mp4 17M
080-using-volatility-networking-functions-on-pas2.mp4 16M
091-malware-part2-is-it-a-known-file.mp4 16M
092-malware-part3-using-strings.mp4 16M
089-pas2-filesystem-analysis-part8-logins.mp4 15M
093-malware-part4-using-nm.mp4 15M
085-pas2-filesystem-analysis-part4-looking-at-hidden-directories.mp4 15M
081-using-Volatility-filesystem-functions-on-pas2.mp4 14M
077-using-Volatility-to-create-process-maps-and-dumps-on-pas2.mp4 14M
083-pas2-filesystem-analysis-part2-webserver-vulnerabilities.mp4 14M
095-malware-part6-intro-to-elf.mp4 14M
056-Inodes-part7-adding-support-for-extents-to-our-python-scripts.mp4 13M
071-Introducing-a-more-advanced-attack.mp4 13M
075-Using-Volatility-process-listing-commands-on-pas2.mp4 13M
090-Malware-part1-the-file-command.mp4 12M
079-using-Volatility-check-functions-on-pas2.mp4 12M
084-pas2-filesystem-analsys-part3-mysql-logs.mp4 11M
100-malware-analysis-part11-ltrace.mp4 10M
018-Shutting-down-the-subject-system.mp4 9.4M
098-malware-part9-setting-up-a-sandbox.mp4 8.4M
074-Banner-grabbing-the-second-subject.mp4 7.5M
094-malware-part5-using-ldd.mp4 7.4M
027-linux027.pdf 412K
062-vol-profile.zip 381K
002-linux002.pdf 223K
072-pas2-0715.zip 183K
095-malware-part6-intro-to-elf.pdf 97K
057-linux057-from-inodes-to-filenames.pdf 82K
041-linux041.pdf 72K
052-linux052.pdf 71K
054-linux054-inode-extensions-and-details.pdf 69K
055-linux055-from-inode-to-file.pdf 65K
045-linux045.pdf 62K
023-linux023.pdf 62K
025-linux025.pdf 62K
044-linux044.pdf 61K
060-linux060-Inodes-and-extended-attributes.pdf 60K
043-linux043.pdf 59K
001-linux1.pdf 58K
015-linux015.pdf 53K
043-fsstat.txt 51K
003-linux003.pdf 50K
019-linux019.pdf 50K
006-linux006.pdf 48K
018-linux018.pdf 47K
011-linux011.pdf 47K
007-linux007.pdf 45K
059-extfs.py 34K
058-extfs.py 34K
056-extfs.py 29K
048-extfs.py 22K
047-extfs.py 17K
046-extfs.py 13K
035-histories.csv 11K
021-4deck-1.1.zip 9.3K
013-log-2015-3-9.zip 6.7K
064-vol-linux.txt 4.6K
039-get-logins.sh 2.5K
028-mount-image-gpt.zip 2.5K
014-send-sha256sum.zip 2.0K
033-create-metadata-tables.sh 2.0K
031-create-files-table.sql 1.5K
051-out-of-seq-inodes.sh 1.5K
026-mount-image-extpart.zip 1.5K
009-setup-client.zip 1.5K
059-ils.py 1.4K
003-install-dfir.zip 1.4K
058-icat.py 1.3K
008-start-file-listener.zip 1.3K
056-istat.py 1.3K
056-istat(1).py 1.3K
024-mount-image.zip 1.2K
035-get-histories.sh 1.2K
033-create-timeline.sh 777
029-getmacs.zip 627
034-print-timeline.sh 579
011-initial-scan.zip 513