

Understanding macOS App Preference Files, (MRU) Files Shared File Lists and Account Artifacts for Digital Forensics
When analyzing applications on macOS, understanding where configuration files, databases, and caches are stored is crucial. These files...
12 minutes ago · 4 min read


macOS Tracking Users Activity, Autoruns Application-Level Firewall and Forensic Insights
When investigating a macOS system, understanding user accounts, logins, privilege escalations, and screen activity is crucial. Whether...
3 days ago · 5 min read


macOS System Artifacts: macOS Finder, GUI Configurations, Time Changes, Bluetooth, Printing, and Sharing
macOS Finder Preferences Location: ~/Library/Preferences/com.apple.finder.plist Finder is the macOS equivalent of Windows Explorer,...
4 days ago · 5 min read


Log Analysis on macOS (Part 2): A Creative Approach
Logs are like digital breadcrumbs—traces of system activities that tell a story. But with millions of log entries, scrolling aimlessly...
5 days ago · 7 min read


A Curious Case with SentinelOne: Same Rule, Different Behavior?
April 2025: if this gets resolved in the future, I will update this post. Hey folks! First off, a big thanks to everyone who’s been...
6 days ago · 4 min read


Making Sense of macOS Logs (Part 1): A User-Friendly Guide
If you've ever had to analyze logs from different systems, you know how frustrating it can be to correlate events across multiple time...
Apr 7 · 9 min read


macOS File System Events: The Power of Spotlight
Ever wondered how macOS allows users to instantly find files, emails, photos, and even downloaded apps? The magic behind this lies in...
Apr 5 · 3 min read


Investigating macOS File System Events: The Hidden Forensic Trail
Ever wondered how macOS keeps track of file system changes? Deep within the system lies a powerful yet often overlooked artifact—the...
Apr 2 · 4 min read


Exploring macOS Extended Attributes: The Hidden Metadata You Didn’t Know Existed
If you've ever wondered how macOS knows where a downloaded file came from or why certain files prompt security warnings, the answer lies...
Apr 1 · 4 min read


Understanding Partitioning Schemes, FileVault 2 and macOS Encryption: A User-Friendly Guide
When it comes to Mac systems, partitioning schemes play a crucial role in organizing data, managing storage, and ensuring smooth system...
Mar 31 · 6 min read


Identifying Malicious Software: A Guide for Incident Responders
One of the most critical challenges faced by incident responders is the rapid identification of suspicious and malicious software on a...
Mar 28 · 6 min read


Equifax to WazirX: Lessons in Cybersecurity Failures
Case Study I: Equifax Data Breach. The 2017 Equifax data breach is one of the most significant cybersecurity incidents in recent history....
Mar 27 · 6 min read


Part 3 Code Injection : How to detect it and Finding Evil in Memory with MemProcFS FindEvil Plugin
When it comes to modern cyber threats, attackers are getting craftier with their code injection techniques. The old-school methods are...
Mar 26 · 5 min read


Part 2 Code Injection: How to Detect It
Let's continue where we left off. The simplest form of this attack involves forcing a process to load a new DLL (Dynamic Link Library)....
Mar 25 · 3 min read


Why Code Injection is a Hacker's Favorite Trick and How to Detect It Through Memory Forensics
A common question that comes up a lot is: "If code injection is so easy to detect, why do attackers keep using it?" The simple answer?...
Mar 24 · 6 min read


Electron Application Forensics and Analyzing LevelDB in Digital Forensics: A Simple Guide
Electron is a game-changer in the world of app development. It allows developers to create desktop applications using web technologies...
Mar 22 · 4 min read


Private Browsing: What Really Gets Left Behind? and Recovering Deleted Browser Artifacts.
Private Browsing: Private browsing modes in popular browsers like Chrome, Edge, and Firefox promise to leave no trace behind. They prevent...
Mar 21 · 4 min read


Investigating Edge-Based Browsers: A Forensic Guide/Browser analysis Book
In today's digital age, understanding browser data is essential for cybersecurity investigations and digital forensics. Browsers store a...
Mar 20 · 2 min read


Understanding Microsoft Edge Synchronization: A Forensic Perspective
In today’s digital world, users expect seamless synchronization across multiple devices. Whether switching between a laptop, tablet, or...
Mar 19 · 3 min read


Forensic Analysis of Microsoft Edge Collections and IE Mode
Microsoft Edge introduced Collections, a unique feature that enhances how users organize and save web content. Unlike traditional...
Mar 18 · 3 min read