{"version":1,"pages":[{"id":"-MH48O7E0UBRysl2SadO","title":"What is this?","pathname":"/sleuthifer","siteSpaceId":"sitesp_6Snyy","description":"This is a place I keep security related learning I do and publicly share it with others. The aim is to provide easily digestible information for others to learn from."},{"id":"-MaXt07jPyc32oFRyQWC","title":"Cipher (Anti-forensics)","pathname":"/sleuthifer/digital-forensics/cipher","siteSpaceId":"sitesp_6Snyy","description":"Gone with out a trace (a garbled one at least)","breadcrumbs":[{"label":"Digital Forensics"}]},{"id":"-M_PdXWM-KDF322P3QyG","title":"PowerShell History","pathname":"/sleuthifer/digital-forensics/powershell-history","siteSpaceId":"sitesp_6Snyy","description":"Where to find the PowerShell history file.","breadcrumbs":[{"label":"Digital Forensics"}]},{"id":"-MJy4R5zf40j8MkAdVLM","title":"File Carving","pathname":"/sleuthifer/digital-forensics/file-carving","siteSpaceId":"sitesp_6Snyy","description":"How to manually carve files from the most common file systems you will encounter.","breadcrumbs":[{"label":"Digital Forensics"}]},{"id":"-MKEFqkz0dST7wlPSMYu","title":"FAT32 File Carving","pathname":"/sleuthifer/digital-forensics/file-carving/fat32-file-carving","siteSpaceId":"sitesp_6Snyy","description":"How to manually carve a deleted file from a FAT32 file system using FTKimager.","breadcrumbs":[{"label":"Digital Forensics"},{"label":"File Carving"}]},{"id":"-MHzbHAt8nTyUwCf69q3","title":"FTK Imager","pathname":"/sleuthifer/digital-forensics/untitled","siteSpaceId":"sitesp_6Snyy","description":"A brief intro to FTK Imager","breadcrumbs":[{"label":"Digital Forensics"}]},{"id":"-MIY6k31Zsz27Pu8bc67","title":"Imaging & Verifying","pathname":"/sleuthifer/digital-forensics/untitled/imaging-and-verifying","siteSpaceId":"sitesp_6Snyy","description":"How to create a forensic image with FTK Imager","breadcrumbs":[{"label":"Digital Forensics"},{"label":"FTK Imager"}]},{"id":"-MHGAJy-1I5b2lBrdr58","title":"Wireshark","pathname":"/sleuthifer/digital-forensics/wireshark","siteSpaceId":"sitesp_6Snyy","description":"A brief intro to Wireshark","breadcrumbs":[{"label":"Digital Forensics"}]},{"id":"-MHKd0wWoZS9SOSGkWtF","title":"Protocol Summary and DHCP","pathname":"/sleuthifer/digital-forensics/wireshark/protocol-summary-and-dhcp","siteSpaceId":"sitesp_6Snyy","description":"","breadcrumbs":[{"label":"Digital Forensics"},{"label":"Wireshark"}]},{"id":"-MHQMGi2egtVJqp_8txA","title":"Follow TCP Stream and SMTP","pathname":"/sleuthifer/digital-forensics/wireshark/simple-mail-transfer-protocol-smtp","siteSpaceId":"sitesp_6Snyy","description":"","breadcrumbs":[{"label":"Digital Forensics"},{"label":"Wireshark"}]},{"id":"-M_JrmFmazt7TOwvefaP","title":"You've been hit, popped or breached?","pathname":"/sleuthifer/ir/youve-been-hit-popped-or-breached","siteSpaceId":"sitesp_6Snyy","description":"A quick and frank article on what should happen if you are unfortunate to be involved in a cyber security incident.","breadcrumbs":[{"label":"Incident Response"}]},{"id":"-MdxyB_LCVXn17gZveRS","title":"Threat Intelligence & Intrusion Analysis","pathname":"/sleuthifer/ir/threat-intelligence","siteSpaceId":"sitesp_6Snyy","description":"A collection of information for starting to understand threat intelligence, different models used to identify or understand attackers behaviour and how this can assist in preventing attacks.","breadcrumbs":[{"label":"Incident Response"}]},{"id":"-MiuDmbt35N-UZJ8LwyE","title":"Part 1: Memory and Volatility","pathname":"/sleuthifer/memory-analysis/part1-memory-and-volatility","siteSpaceId":"sitesp_6Snyy","description":"An introduction to examining RAM with volatility","breadcrumbs":[{"label":"Memory Analysis"}]},{"id":"F2Hz46Jf3BDR1I2qp3fW","title":"TBC","pathname":"/sleuthifer/kql-for-sentinel/tbc","siteSpaceId":"sitesp_6Snyy","description":"Info coming soon.","breadcrumbs":[{"label":"KQL for Sentinel"}]},{"id":"-MHShD_13HrWlbuTf4aV","title":"Tools","pathname":"/sleuthifer/tools","siteSpaceId":"sitesp_6Snyy","description":""},{"id":"-MHGIXI0lRnCYFwkNmZk","title":"Useful Links","pathname":"/sleuthifer/useful-links","siteSpaceId":"sitesp_6Snyy","description":"Training, News and Items of interest"}]}