JK Kim

2.3K posts

JK Kim

@pr0neer

DFIR, cyber warfare, digital profiling, CEO & Founder PLAINBIT Co., Ltd. https://t.co/7APlFR4HQN

Seongnam-si, Republic of Korea Katılım Şubat 2010

717 Takip Edilen1K Takipçiler

JK Kim@pr0neer·8 Ara

Malicious PyPI packages that steal cryptocurrency wallet information, blog.plainbit.co.kr/pypi-package-t…

English

157

JK Kim@pr0neer·4 May

The 6th Digital Forensics Challenge (DFC) has begun. #DFC #DFC2023 dfchallenge.org

English

577

JK Kim@pr0neer·16 May

DFC2022 has started this year as well. Let's go solve the problem! dfchallenge.org

English

JK Kim@pr0neer·3 May

DFC(Digital Forensics Challenge)2021 started. Great experience, valuable time and improvement of my level dfchallenge.org #DFC2021

English

JK Kim@pr0neer·10 Ağu

@Forensicator4 Hi, Forensicator, I watched your DFC 2020 write-up well. However, since DFC 2020 is currently in progress, evaluation is getting difficult with the write-up you posted. If possible, post a write-up after the competition.

English

Forensicator@Forensicator4·5 Ağu

Blog time! This one's a write-up of a CTF that had me digging through NTFS artefacts I don't use every day. It was a real challenge and very enjoyable, made all the more interesting by not having most of my usual tools available bit.ly/31khFIy

English

JK Kim@pr0neer·18 May

The ranking of the @DFC2020 challenge has been updated. dfchallenge.org/ranking-2020/

English

JK Kim@pr0neer·1 May

Digital Forensics Challenge 2020 is finally OPEN! dfchallenge.org #DFC2020

English

JK Kim@pr0neer·7 Nis

Which dForensic tools are used by professionals? blog.plainbit.co.kr/archives/3142

English

JK Kim@pr0neer·31 Mar

Check the following registry key for the folder id of Windows Timeline. NTUSER.DAT\Software\Microsoft\Office\<version>\Common\Identity\Identities

English

JK Kim@pr0neer·11 Mar

@binaryz0ne @EricRZimmerman I'm always using that combination too. But sometimes I need a UI for winprefetchview.

English

Ali Hadi | B!n@ry@binaryz0ne·11 Mar

@pr0neer Just parse with PECmd and throw it into TimeLine Explorer also from @EricRZimmerman to keep a GUI flavor :)

English

JK Kim@pr0neer·11 Mar

Why does winprefetchview still parse format version 26? Please update to support Windows 10 (format version 30). PECmd is great, but it's hard to lose the GUI's comfort. github.com/libyal/libscca…

English

JK Kim@pr0neer·11 Mar

The boot prefetch is no longer visible in Windows 10. It seems to be the effect of fast startup. Now let's look at bootckcl.etl.

English

JK Kim@pr0neer·11 Mar

@binaryz0ne Windows 10 Pro ver 1903!

Deutsch

Ali Hadi | B!n@ry@binaryz0ne·10 Mar

@pr0neer On which system?

English

JK Kim@pr0neer·10 Mar

The Superfetch service is no longer visible. This service has been replaced by SysMain. The EnablePrefetcher registry value is no longer meaningful.

English

JK Kim@pr0neer·5 Mar

TaskForce vs. TX1 vs. Forensic Falcon, What would you choose? blog.plainbit.co.kr/archives/2932

English

JK Kim@pr0neer·5 Mar

Introduction to Atola TaskForce, blog.plainbit.co.kr/archives/2880

English

JK Kim@pr0neer·30 Ağu

DFC 2019's Ranking updated, dfchallenge.org/ranking-2019/

English

JK Kim@pr0neer·16 Ağu

DFC 2019's Ranking updated - 45 days left, dfchallenge.org/ranking-2019/

English

JK Kim@pr0neer·2 Ağu

DFC2019 Ranking Updated, dfchallenge.org/ranking-2019/

English

JK Kim@pr0neer·18 Tem

Using MITRE ATT&CK for Forensics: WMI Event Subscription (T1084), cyberforensicator.com/2019/07/13/usi…

English

Keşfet

@Forensicator4 @DFC2020 @binaryz0ne @EricRZimmerman @elonmusk @BarackObama @taylorswift13 @cristiano