![](https://eforensicsmag.com/wp-content/uploads/2023/09/feature_pictures_www-36.png)
This is a journey into clever and interesting ways to apply cryptographic DataFrames [1] for forensic/anti-forensic purposes using Python3.
Introduction
I really enjoy the study of digital forensics and Digital Forensics and Incident Response (DFIR) overall, as it isn't always so cut and dried, or black and white, in what must be done to "solve for x", especially in a time crunch where every second counts.
In a Security Operations Center (SOC), for example, the cybersecurity team needs to determine whether a detected threat is targeting their specific organization, is a transient drive-by threat that happens to be on the network block scanning around for one reason or another, or is simply a misconfigured device installed by a vendor that didn't read the manual or the organizational policy for networked devices.
Sometimes it's just noise; sometimes it's a distraction from something else going on deep in the ether of a likely already compromised infrastructure, one which is slowly assembling its factions and communicating secretly and quietly across its established and growing platform. The paranoia is real.
Of course, an organization running defense in depth, with layers and layers of next-generation security, may catch the brunt of would-be attackers, and may even have a short-dwell-time detection workflow in play. Much of this is gathered through machine-modeled data patterns, sometimes commanded by some type of AI-driven system. Depending on the criticality and sensitivity of the day-to-day operations, there may be a ladder of human-based roles that are used as a second....