Commit a7b311b

improvements
1 parent 5bb5a64 commit a7b311b

2 files changed

Lines changed: 16 additions & 13 deletions

README.md

Lines changed: 16 additions & 13 deletions
@@ -7,6 +7,13 @@ Follow the outlined steps, explore the materials provided,
77
and feel free to ask questions as you go.
88
Currently this guide does not explore Memory Forensics
99
Remember to document your answers and reflections along the way, Let’s dive in!
10+
11+
Resources:
12+
Download these: LinuxForensicsLabVM, Exercises, PomeranzLinuxForensics.pdf, README.txt
13+
https://archive.org/download/HalLinuxForensics/media-v3.0.2/
14+
15+
Challenges:
16+
https://cyberdefenders.org/blueteam-ctf-challenges/?content=free&categories=endpoint-forensics&os=Linux
1017
```
1118
# Chapter 1. Linux Directories
1219

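Review bot: The added Resources and Challenges lines (new lines 11-16) sit directly above the bare code-fence line at new line 17, so their rendering needs checking. If that fence closes a block opened earlier, both URLs show up as literal code text rather than links; if it does not, the consecutive lines collapse into a single paragraph in Markdown. Consider turning each entry into a list item with an explicit link, in the same `<a href=...>` style the later chapters use. Because the lab VM is pulled from archive.org, listing an expected checksum next to the download link would let readers verify the image before importing it.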
@@ -87,7 +94,7 @@ Remember to document your answers and reflections along the way, Let’s dive in
8794
# Chapter 5. Linux Artifacts & Live Response
8895
<a href="Subjects/5. Linux Artifacts & Live Response/Artifacts.html" target="_blank">Linux Artifacts guide</a><br>
8996
<a href="Resources/PomeranzLinuxForensics.pdf#page=5" target="_blank">PomeranzLinuxForensics page 5-13(including Exercise) By Hal Pomeranz</a><br>
90-
<a href="Resources/PomeranzLinuxForensics.pdf" target="_blank">PomeranzLinuxForensics Exercise 2-4(Honeypot Lab) By Hal Pomeranz</a>
97+
<a href="Resources/PomeranzLinuxForensics.pdf#Page=25" target="_blank">PomeranzLinuxForensics (Pages 25, 35, 49) Exercise 2-4(Honeypot Lab) By Hal Pomeranz</a>
9198

9299

93100
## Questions
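Review bot: The new href on line 97 uses the fragment `#Page=25` while the link directly above it uses `#page=5`; use the lowercase form, which is the documented spelling of the PDF open parameter, so both links behave the same in every viewer. The link text also advertises pages 25, 35 and 49, but a single anchor can only open one of them, so consider three separate links, one per exercise.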
@@ -97,15 +104,11 @@ Remember to document your answers and reflections along the way, Let’s dive in
97104
4. User login information is critical for tracking user activity. Choose three artifacts from the list that log user activity and explain how each could help determine whether unauthorized access has occurred.
98105

99106
# Chapter 6. Linux Bonus
100-
- Linux boot
101-
- Linux ptrace
102-
103-
ptrace implementations(strace, ltrace)
104-
login mechanism
105-
services
106-
boot mechanism
107-
signals
108-
syscalls
109-
suid
110-
111-
107+
<a href="Resources/ulk3.pdf" target="_blank">Understanding the Linux Kernel</a><br>
108+
109+
**Read about the following**
110+
* Linux bootloader
111+
* Ptrace
112+
* Linux Syscalls
113+
* Linux Signals
114+
* setuid,setgid, sticky bit file permissions
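Review bot: The rewritten Chapter 6 list drops "login mechanism", "services" and the "ptrace implementations(strace, ltrace)" entry with no replacement; if that is intentional, say so in the commit message, otherwise carry them into the new bullet list. The `Resources/ulk3.pdf` link on line 107 has no page anchor, unlike the Pomeranz links in Chapter 5, so readers get no pointer to the sections that cover each topic. Minor: "setuid,setgid, sticky bit" is missing a space after the first comma.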

Resources/ulk3.pdf

5.35 MB
Binary file not shown.
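Review bot: Resources/ulk3.pdf should probably not live in the repository. At 5.35 MB it stays in the history of every clone even if it is removed later, and the README labels it "Understanding the Linux Kernel", so confirm the book may be redistributed here or link to an external source instead.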
