If you’re just getting started with ethical hacking or network troubleshooting, Nmap should be one of the first tools you master. Nmap, or Network Mapper, is an open-source, very flexible application used by Linux system and network administrators. It is frequently used for network exploration, security scanning, auditing, and discovering open ports on remote computers. Nmap can detect active hosts, operating systems, packet filters, and open ports on distant computers. In this guide, we’ll walk through 30 practical Nmap commands that you can start using right away — with clear explanations so you understand what each one does. Why 28…
Author: Lipson Thomas Philip
Monitoring and managing disk usage is important for any Linux user, and for Windows and Mac users as well. Traditionally, the du (disk usage) command was the tool for this. While du is functional, checking the disk’s usage with it was not easy. Now there is a new way to analyze disk usage with a tool known as ncdu. This command quickly finds the directories or software that are hogging space. It doesn’t matter if you’re a system admin, developer, or casual user; this tool can save you time and frustration. This article will walk you through what ncdu is, how it works, and…
Introduction Splunk’s power lies in its ability to surface data when and where you need it. However, if your home screen is a mess or your preferences aren’t set, you’re wasting time every time you log in. Setting the right home dashboard and preferences is more than convenience—it’s productivity, clarity, and speed. What is the Home App in Splunk? The Home App is the launchpad users see upon logging into Splunk. By default, it might show a generic welcome screen or a list of apps. But it can be customized to display a specific dashboard tailored to your needs. Think…
According to PGIM, the global data sphere is expected to grow to 2100 zettabytes by 2035. Splunk is a data platform designed to handle large amounts of data for large organizations. There are a few questions we have to answer first, and everyone has the same or similar questions in mind. The answer is that organizations usually handle billions or trillions of data records, which makes the data difficult to maintain and analyze. This is where software like Splunk comes into the picture. Splunk excels at handling unstructured, semi-structured, and structured data without any issues. It collects, indexes, and enables users to…
Browser extensions are handy. They block ads, save passwords, manage tabs, take screenshots, and do a hundred other things that make browsing better. But behind that convenience lies a major security blind spot. Extensions can – and sometimes do – hack your browser, steal your data, and compromise your privacy. Here’s how it happens, what to watch out for, and how to stay safe. What Are Browser Extensions? Browser extensions are small software add-ons that enhance the functionality of your browser. They can be installed from official marketplaces like the Chrome Web Store or Mozilla’s Add-ons site. Some are built…
Volatility 3 is an essential memory forensics framework for analyzing memory dumps from Windows, Linux, and macOS systems. One of its main strengths is process and thread analysis, which can detect hidden, injected, or manipulated processes and threads used by malware. This article breaks down the core plugins and techniques used in Volatility 3 to analyze processes and threads, and how they can be leveraged to detect malicious activity. What to Look for in Processes? Processes are among the most critical artifacts to examine when analyzing memory dumps. Malware hides by manipulating process structures, injecting code, or running under…
Analyzing a memory dump (memory dump analysis) can feel like peering into the soul of a system. It reveals everything the system was doing when the snapshot was taken. Understanding memory dumps is valuable if you’re a digital forensics professional, malware analyst, or cybersecurity student. Volatility 3 is one of the most essential tools for memory analysis. This article walks you through the first steps using Volatility 3, including basic commands and plugins like imageinfo, pslist, and more. Starting with a Memory Dump Before digging into plugins, make sure you have a valid memory dump and Volatility 3 loaded. Volatility 3…
Description of the machine Deathnote is an easy-level virtual machine available on Vulnhub, designed for beginners to enhance their skills. This walkthrough will guide you through each step to exploit the machine and achieve root access. The machine is inspired by the Japanese manga series “DeathNote”. Note: According to HWKDS (the author), this VM works better in VirtualBox than VMWare. However, this guide performed the walkthrough in VMWare. If you find any problems, refer to the “Common Fixes & Troubleshoot” section. Machine Information: Name: Deathnote; Release Date: 4 September 2021; Created By: HWKDS; Series: Deathnote; File Size: 658 MB; Format: Virtual Machine (OVA); Operating System: Linux; DHCP Service: Enabled; IP Address: Automatically Assigned. Note: The root is disabled…
Volatility 3 is a robust open-source memory forensics framework written in Python. Built from the ground up to replace its predecessor, Volatility 2, it takes advantage of modern Python language practices and a modular architecture. This article breaks down its internal architecture, explaining its core components, the role of plugins, and how its design benefits both analysts and developers. Volatility 3 Architecture Overview At its core, Volatility 3 is built on a clean, object-oriented design that separates concerns into discrete components. This modularity is one of the main architectural improvements over Volatility 2. The system is structured around three primary building blocks: 1.…
Nowadays, memory forensics is a crucial component of digital investigations. Knowing what’s going on in a computer’s memory can provide information that disk forensics frequently overlooks, whether one is a threat hunter, incident responder, or malware analyst. Tools must evolve to keep up with the increasing sophistication of cyber threats. Volatility 3 is a free memory forensics tool developed and maintained by the Volatility Foundation. It is written in Python and used by malware researchers and SOC analysts. It is available for Linux, macOS, and Windows. Volatility 3 is a widely used framework for extracting digital artifacts from volatile memory…