9:[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"SoftwareSourceCode\",\"name\":\"Forensic-Analysis-Artefact-Retrieval\",\"description\":null,\"codeRepository\":\"https://github.com/dshika/Forensic-Analysis-Artefact-Retrieval\",\"programmingLanguage\":null,\"author\":{\"@type\":\"Person\",\"name\":\"dshika\",\"url\":\"https://github.com/dshika\"},\"dateCreated\":\"2019-02-19T04:40:13Z\",\"dateModified\":\"2022-11-11T15:04:25Z\"}"}}],["$","$L15",null,{"repo":{"id":171406159,"node_id":"MDEwOlJlcG9zaXRvcnkxNzE0MDYxNTk=","name":"Forensic-Analysis-Artefact-Retrieval","full_name":"dshika/Forensic-Analysis-Artefact-Retrieval","private":false,"owner":{"login":"dshika","id":35754657,"node_id":"MDQ6VXNlcjM1NzU0NjU3","avatar_url":"https://avatars.githubusercontent.com/u/35754657?v=4","gravatar_id":"","url":"https://api.github.com/users/dshika","html_url":"https://github.com/dshika","followers_url":"https://api.github.com/users/dshika/followers","following_url":"https://api.github.com/users/dshika/following{/other_user}","gists_url":"https://api.github.com/users/dshika/gists{/gist_id}","starred_url":"https://api.github.com/users/dshika/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dshika/subscriptions","organizations_url":"https://api.github.com/users/dshika/orgs","repos_url":"https://api.github.com/users/dshika/repos","events_url":"https://api.github.com/users/dshika/events{/privacy}","received_events_url":"https://api.github.com/users/dshika/received_events","type":"User","user_view_type":"public","site_admin":false},"html_url":"https://github.com/dshika/Forensic-Analysis-Artefact-Retrieval","description":null,"fork":false,"url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval","forks_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/forks","keys_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/keys{/key_id}","collaborators_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/collaborators{/collaborator}","teams_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/teams","hooks_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/hooks","issue_events_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/issues/events{/number}","events_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/events","assignees_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/assignees{/user}","branches_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/branches{/branch}","tags_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/tags","blobs_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/git/blobs{/sha}","git_tags_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/git/tags{/sha}","git_refs_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/git/refs{/sha}","trees_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/git/trees{/sha}","statuses_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/statuses/{sha}","languages_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/languages","stargazers_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/stargazers","contributors_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/contributors","subscribers_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/subscribers","subscription_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/subscription","commits_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/commits{/sha}","git_commits_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/git/commits{/sha}","comments_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/comments{/number}","issue_comment_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/issues/comments{/number}","contents_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/contents/{+path}","compare_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/compare/{base}...{head}","merges_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/merges","archive_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/{archive_format}{/ref}","downloads_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/downloads","issues_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/issues{/number}","pulls_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/pulls{/number}","milestones_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/milestones{/number}","notifications_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/notifications{?since,all,participating}","labels_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/labels{/name}","releases_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/releases{/id}","deployments_url":"https://api.github.com/repos/dshika/Forensic-Analysis-Artefact-Retrieval/deployments","created_at":"2019-02-19T04:40:13Z","updated_at":"2022-11-11T15:04:25Z","pushed_at":"2019-02-20T17:20:36Z","git_url":"git://github.com/dshika/Forensic-Analysis-Artefact-Retrieval.git","ssh_url":"git@github.com:dshika/Forensic-Analysis-Artefact-Retrieval.git","clone_url":"https://github.com/dshika/Forensic-Analysis-Artefact-Retrieval.git","svn_url":"https://github.com/dshika/Forensic-Analysis-Artefact-Retrieval","homepage":null,"size":11781,"stargazers_count":1,"watchers_count":1,"language":null,"has_issues":true,"has_projects":true,"has_downloads":true,"has_wiki":true,"has_pages":false,"has_discussions":false,"forks_count":0,"mirror_url":null,"archived":false,"disabled":false,"open_issues_count":0,"license":null,"allow_forking":true,"is_template":false,"web_commit_signoff_required":false,"has_pull_requests":true,"pull_request_creation_policy":"all","topics":["autopsy","veracrypt","wireshark"],"visibility":"public","forks":0,"open_issues":0,"watchers":1,"default_branch":"master","temp_clone_token":null,"network_count":0,"subscribers_count":0},"readme":"

Forensic Analysis and Artefact Retrieval

Forensic analysis of the system image was performed using Autopsy
The TCP messages and responses to the malware files were captured using Wireshark
Some volume in the disk image was encrypted using Veracrypt, the same was decrypted

","readmeHeadings":[{"id":"forensic-analysis-and-artefact-retrieval","text":"Forensic Analysis and Artefact Retrieval","level":1}],"languages":{},"contributors":[{"login":"dshika","avatar_url":"https://avatars.githubusercontent.com/u/35754657?v=4","html_url":"https://github.com/dshika","contributions":3}],"releases":[]}]]

dshika/Forensic-Analysis-Artefact-Retrieval

Forensic Analysis and Artefact Retrieval

On this page

Contributors