Penguin’s secrets: Evidence collection in Linux

Date: 06/02/2025

Hey, bro, are you aware that Windows is dead? Everyone is switching to free software nowadays. You’re a hacker security guy, right? So, your job is to ensure security. And here’s an interesting case to be investigated: a Linux computer and an incident that occurred on it. Or maybe no incident occurred, but you still have to check whether everything is clean. Do you know what to do in such situations? If not, we’ll tell you now. And even if you do, we strongly recommend reviewing this article anyway. It provides recipes for all occasions and presents an efficient set of powerful tools. Enjoy reading!

Malware under surveillance. Sandboxes and how to detect them

Date: 16/09/2021

Boris Razor & Alex Mess

One of the ways to detect malware is to run it in a sandbox, i.e. in an isolated environment where you can monitor the program’s behavior. In this article, we will explain how sandboxes work and examine the techniques malicious programs use to detect a sandbox and evade analysis (including methods not covered in specialized literature or Internet blogs).