Difference between revisions of "Case Studies"

From SleuthKitWiki
Jump to: navigation, search
(copied from http://www.sleuthkit.org/case/index.php)
 
m (Reverted edits by B8713ka (talk) to last revision by Apriestman)
 
(36 intermediate revisions by 8 users not shown)
Line 1: Line 1:
 
= Honeynet Challenges=  
 
= Honeynet Challenges=  
The following were written as "official" reports for challenges from the [http://www.honeynet.org Honeynet Project].
+
The following were written as "official" reports for challenges from the [http://www.honeynet.org Honeynet Project] and provide examples of how to use [[TSK]] and [[Autopsy]].  
  
 
Scan of the Month #29 - Linux VMWare (September 2003)
 
Scan of the Month #29 - Linux VMWare (September 2003)
Line 17: Line 17:
 
* [http://www.honeynet.org/scans/scan15/ The Challenge]
 
* [http://www.honeynet.org/scans/scan15/ The Challenge]
 
* [http://www.sleuthkit.org/case/sotm_15/index.html Report]
 
* [http://www.sleuthkit.org/case/sotm_15/index.html Report]
 +
 +
 +
=Other=
 +
If you have examples of how TSK or Autopsy were used in an investigation, please provide a link here.

Latest revision as of 06:03, 12 February 2018

Honeynet Challenges

The following were written as "official" reports for challenges from the Honeynet Project and provide examples of how to use TSK and Autopsy.

Scan of the Month #29 - Linux VMWare (September 2003)

Scan of the Month #26 - FAT 12 Floppy - Part 2 (February 2003)

Scan of the Month #24 - FAT 12 Floppy - Part 1 (October 2002)

Scan of the Month #15 - Recover a deleted Linux rootkit (May 2001)


Other

If you have examples of how TSK or Autopsy were used in an investigation, please provide a link here.