At the time the 2009 challenge was posted I think I only looked at the network traffic side of things and didn't get a lot out of it. Not sure if I'd done the GCFA and SANS 508 course at that time or not, but I know I didn't dig into the memory or disk dumps. Would have been nice to know a bit more about that stuff now. Anyway, glanced through a few of the writeups, very nice work!
You can find the writeups, challenge info, etc. here.
I think NetworkMiner will make much better use of the pcap files than Satori does, but Satori isn't designed for this type of thing anyway!
Sunday, December 13, 2009