ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "DFSP # 278 - Process Triage & CMD"
Episode Synopsis
This week is a continuation of the Windows fast triage miniseries. While other aspects of the triage miniseries had fairly contained artifacts to examine, new process triage presents a large and complex landscape to the analyst. I have already broken down a number of effective analysis methods to make this more manageable. This week I focus on key applications to look for during a review. These applications tend to be associated more with malicious activity, at least according to threat intelligence research, so being aware of them and recognizing the potential is important. I also spend some time talking about the nuances of CMD.
More episodes of the podcast Digital Forensic Survival Podcast
DFSP # 499 Linux top 10
09/09/2025
DFSP # 498 Windows top 10
02/09/2025
DFSP # 497 ticket to ride
26/08/2025
DFSP # 496 Signed, Sealed, Exploited
19/08/2025
DFSP # 495 Corrupted from within
12/08/2025
DFSP # 494 the request is out there
05/08/2025
DFSP # 493 Stop, Share, and Listen
29/07/2025
DFSP # 492 A Bit of TCP
22/07/2025
DFSP # 490 Unveiling the USN Journal
08/07/2025
In God we trust