Forensics

Detecting and Investigating OpenSSL Backdoors on Linux

April 19, 2021

Computer Forensics, Forensics, Linux Forensics

A nightmare for security personnel on Linux is to find a backdoor operating. This means an attacker is interacting with the host in real…

Detecting Linux memfd_create() Fileless Malware with Command Line Forensics

July 09, 2020

Computer Forensics, Forensics, Linux Forensics, Sandfly

A developing threat to Linux over the last several years has been the idea of fileless malware. Fileless malware is designed to inject…

Detecting Linux Kernel Process Masquerading with Command Line Forensics

March 31, 2020

Computer Forensics, Forensics, Linux Forensics

Linux kernel process masquerading is sometimes used by malware to hide when it is running. Let’s go over how you can unmask a piece of Linux…

Sandfly Filescan Open Source File Entropy Scanner for Linux

November 26, 2019

Forensics, Linux Forensics, Sandfly Filescan

We’re releasing an open source tool today called sandfly-filescan. Sandfly-filescan allows Linux admins and incident responders to quickly scan for…