Cyber Secrets

Cyber Secrets is a set of video series that cover Computer Forensics, Penetration Testing, Coding, and other security related topics.

These series includes the classic Cyber Secrets, Just the Tip, and Quick Tip along with web casts covering specialized topics that security professionals need.

Subscribe Now!
---

Powershell Base64 Encoding Decoding - Just the Tip

Just the Tip covering encoding through PowerShell. Specifically Base64 encoding and decoding, but PowerShell has so much more capability.

PortableApps Web Download using Powershell - Just the Tip

This episode covers a quick PowerShell script to download PortableApps.

Aliases in Linux - Just the Tip

Adding aliases to Ubuntu on Windows 10. Echo an alias to bash_aliases in the cli.

Powershell PsExec Network - Just the Tip (JtT)

Just the Tip video showing how to use PsExec over a network in Powershell.


iPhone-iTunes forensics with iPhone Analyzer and IPBA2 Cyber Secrets S01E07

This episode was originally released in April 2013.

This video covers iPhone forensics using iPhone Analyzer on the iTunes backup. Many people are no longer using iTunes to back up their iPhones, but many forensics tools will create an iTunes backup as a logical copy, so this is back on the table.

This allows you to investigate an iPhone for FREE using iPhone Analyzer and IPBA2.

Forensic Investigation With FTK Imager & Autopsy - Cyber Secrets S01E06

Originally aired in Feb 2013, this episode has been remastered.

Originally aired in March 2013, this episode walks through a forensic investigation using FTK Imager to Image a suspect drive and Autopsy GUI to analyze the "evidence". Best of all, it is free!

Forensic data recovery using foremost and scalpel on Linux - Cyber Secrets S01E05

Originally aired in Feb 2013, this episode has been remastered.

This episode covers forensic imaging with dcfldd and data carving using RecoverJPEG, foremost, and scalpel.

Forensic disk imaging starter with Linux and FTK Imager - Cyber Secrets S01E04

Originally aired in February 2013, this episode has been rebuilt. Re-aired on January 15, 2019.

This episode covers forensic imaging which is the first step before a forensic investigation can start. You should always have 2 images and only investigate on a copy/image of the drive.

Anti forensics using the USB Rubber Ducky from Hak5 - Cyber Secrets S01E03

This episode was originally aired in February 2013 and has been remastered.

This episode covers the USB Rubber Ducky from Hak5 that acts as a HID device. The script shows how easy it is to plant evidence. Once you understand this, it can help every computer forensic investigator know that not every thing they find is 100% reliable. You must look for a pattern (usually over time) to tell the story that you are trying to prove or disprove.

Tor Hidden Services with Vidalia and XAMMP - Cyber Secrets S01E02

Originally aired in January 2013, this episode has been remastered. Covers Tor hidden services on a Windows bow using Tor Browser, Vidalia, and XAMMP

Anonymity on the Internet, Powershell, PsExec, & SED - Cyber Secrets S01E01

Originally aired in January 2013, this episode has been remastered and covers anonymity on the Internet along with two more sections added (Just the Tip - PowerShell with PsExec and CS Quick Tip - Linux SED).


CS Quick Tip - Linux Semicolon Vs. Ampersand

Quick example of the colon vs ampersand in the Linux CLI

CS Quick Tip - Linux dcfldd forensic imager

Quick Tip syntax for the Linux forensic imager dcfldd to create a disk to disk forensically sound bit-stream image. Many investigators use this to image drives before investigations.

dcfldd if=/dev/sdb of=/dev/sdc

CS Quick Tip - Linux CIFS Utils

This episode was originally aired in February 2013 and has been remastered.

Are you trying to connect to a SAMBA/SMB/Netbois share using Linux? If so, cifs-utils allows you to easily connect a remote network share as a mount point.

apt update
apt install cifs-utils
mkdir /mnt/sharename
mount -t cifs //server/share /mnt/sharename -o user=user,password=pass,uid-500,pid=500

CS Quick Tip - Linux Aliases

echo "alias powerup='apt update && apt upgrade -y'"