Collecting information using PowerShell
Get information about the make and model of a computer: Get-WmiObject -Class Win32_ComputerSystem. Get information about the BIOS of the current computer: Get-WmiObject -Class Win32_BIOS -ComputerName . List installed hotfixes (QFEs, or Windows Update files): Get-WmiObject -Class Win32_QuickFixEngineering -ComputerName . Get the username of the person currently logged on to a computer: Get-WmiObject -Class Win32_ComputerSystem -Property UserName -ComputerName . Find just the names of installed...
John the Ripper - Pentools
by Shabeeribm
John the Ripper is one of the most well-known hash cracking tools. It combines fast cracking speed with an extraordinary range of compatible hash types. Wordlists: a wordlist is a list of words that you hash and compare against during a dictionary attack. There are many different wordlists out there; a good collection to use can be found in the SecLists repository. Location of wordlists in Kali Linux: /usr/share/wordlists. John Basic Syntax: the basic syntax of John the Ripper commands is as follows: john...
Wireshark notes - DFIR
by Shabeeribm
Wireshark, a tool used for creating and analyzing PCAPs (network packet capture files), is widely regarded as one of the best packet analysis tools. Wireshark runs on Windows, macOS, and Linux. To install Wireshark on a Windows or macOS device you will first need to grab an installer from the Wireshark website. Once you have downloaded the installer, simply run it and follow the GUI wizard. If you are using Linux you can install Wireshark with apt install wireshark. Filtering Operators: Wireshark's filter syntax...
DFIR - Windows Event ID
by Shabeeribm
In the event of a forensic investigation, Windows Event Logs serve as a primary source of evidence because the operating system logs every system activity. Windows Event Log analysis can help an investigator draw a timeline based on the logging information and the discovered artifacts. On Windows systems, event logs contain a lot of useful information about the system and its users. For a forensic investigator the Security Log is the most important event log: it contains Logon/Logoff activity and other activities related to...
Palo Alto Basics - Traffic Monitor Filtering
by Shabeeribm
Basics of Traffic Monitor Filtering. Host Traffic Filter Examples. From Host a.a.a.a: (addr.src in a.a.a.a), example: (addr.src in 1.1.1.1). Explanation: shows all traffic from the host IP address that matches 1.1.1.1 (addr.src in a.a.a.a). To Host b.b.b.b: (addr.dst in b.b.b.b), example: (addr.dst in 2.2.2.2). Explanation:...