Posts

Searching SQLite databases using GRR and osquery

By
Image
  Introduction There are billions of billions of SQLite instances in the world (ref: https://www.sqlite.org/mostdeployed.html ), and many examples can be found on virtually every active phone, laptop or workstation. In this blog post we will discuss a method by which investigators can perform a search of SQLite database files using GRR Rapid Response (GRR), osquery and dfTimewolf.  We assume the reader has an understanding of these tools. What is GRR? GRR is an incident response framework focused on remote live digital forensic analysis. GRR was built to run at scale so that analysts are capable of effectively collecting and processing data from large numbers of machines concurrently. It achieves this through flows (asynchronous calls to execute client code and retrieve results from a single machine) and hunts (flows scheduled to run on many machines).  What is Osquery? Osquery is an open source tool that exposes an operating system as a query-able interface like SQL for a relational d
Post a Comment
Read more

Communicating is our hardest job

By
  Communicating with one another effectively is the hardest thing most people have to do in the workplace. This may seem counterintuitive - we’re born knowing how to communicate and much of human growth to adulthood involves refining ever more complex ways of expressing ourselves. But people are still, on average, remarkably error-prone. In 2006, researchers Justin Kruger and Nicholas Epley designed a set of experiments to see how well we communicate over email. One experiment centered on individuals who know one another intimately. In this experiment, participants were given a list of 10 topics and asked to write two statements about each one. Half of the statements were to be serious and the other half sarcastic. Senders e-mailed the statements to another participant, who attempted to identify which sentences were intended to be sarcastic and which were not. The senders then predicted the receivers’ accuracy. While 78% of the senders were confident the message would be understood, o
Post a Comment
Read more