Erik Profile
Erik

@Schamperr

Followers
244
Following
95
Media
0
Statuses
45

Joined December 2009
@Schamperr
Erik
1 year
RT @foxit: 🚀 Our open-source Dissect project now supports reading Fortinet firmware files! 🛡️ Easily mount, browse or dump FortiGate firmwa…
0
7
0
@Schamperr
Erik
2 years
RT @foxit: Read our latest blog to find out how our Security Research Team reverse-engineered Windows Defender to uncover previously undocu…
blog.fox-it.com
Max Groot & Erik Schamper. TL;DR: Windows Defender (the antivirus shipped with standard installations of Windows) places malicious files into quarantine upon detection. Reverse engineering mpengi…
0
41
0
@Schamperr
Erik
2 years
RT @foxit: In addition: we're proud to announce the release of Dissect 3.8.1! One of the new exciting features is preliminary support for…
0
5
0
@Schamperr
Erik
2 years
Includes a triage script for Citrix Netscaler disk images, nicely highlighting the flexibility of Dissect!
@foxit
Fox-IT
2 years
🚨Fox-IT and @DIVDnl have revealed that an exploitation campaign targeting Citrix NetScalers has backdoored approximately 2K NetScalers worldwide! Check your NetScalers for indicators of compromise, even after patching CVE-2023-3519! 🔒 🔗blog:
0
2
14
@Schamperr
Erik
2 years
RT @_dirkjan: Now up at @BlackHatEvents Arsenal are @Schamperr and @Horofic to demonstrate the dissect forensic framework.
0
12
0
@Schamperr
Erik
2 years
RT @PeterRydzynski: @YunZhengHu Thanks for making me laugh out loud while at work this week!
0
3
0
@Schamperr
Erik
2 years
RT @foxit: While we wait for the PR to merge dissect.esedb support into #Impacket, you can already enjoy a 500-1000% performance bump yours…
github.com
A Dissect module implementing a parser for Microsoft's Extensible Storage Engine Database (ESEDB), used for example in Active Directory, Exchange and Windows Update. - fox-it/dissect.esedb
0
12
0
@Schamperr
Erik
2 years
RT @foxit: Attention digital forensics and IR specialists! Dissect Release 3.5 is here with new plugins for virus scanner logs, package ma…
github.com
Highlights: New plugins for parsing: Trend Micro Worry-Free AV and firewall logs; McAfee AV and firewall logs (SQLite); Apt, yum and zypper package manager files; NGINX, Apache and Caddy webserver lo...
0
7
0
@Schamperr
Erik
3 years
RT @SANSEMEA: 🎙️ #CyberThreat22 attendees, we are live with @Schamperr & @lennarthaagsma presenting Enterprise IR: live free, live large.…
0
4
0
@Schamperr
Erik
3 years
RT @sud0woodo: small write-up of one of the angles we used researching CVE-2022-42475 at DIVD, leveraging dissect to speed up the process…
0
6
0
@Schamperr
Erik
3 years
RT @13CubedDFIR: Merry Christmas 🎄! Here’s a new 13Cubed episode about Dissect -- a powerful, now open source, IR framework. Enjoy! https:/…
0
25
0
@Schamperr
Erik
3 years
All the discussed parsers (also for VMFS) are open-source and can be found at and
github.com
Dissect module implementing a parser for the VMFS file system, used by VMware virtualization software. - fox-it/dissect.vmfs
0
0
2
@Schamperr
Erik
3 years
One of the capabilities that Dissect gave us is data acquisition from the hypervisor. I’ve written a blog post that summarizes how it works and what I had to do to make that possible!
1
5
15
@Schamperr
Erik
3 years
RT @_dirkjan: Fox-IT just open sourced their enterprise forensics tooling dissect. This is a big project that some of the smartest people I…
0
597
0
@Schamperr
Erik
3 years
Excited to have finally open-sourced Dissect today! Read more about it at the documentation and install it for yourself with “pip install dissect”!
0
2
20
@Schamperr
Erik
3 years
RT @foxit: Join us for a webinar on Dissect, Fox-IT’s in-house developed enterprise-scale forensics framework for data acquisition and anal…
0
13
0
@Schamperr
Erik
3 years
RT @virusbtn: The NCC Group's @Schamperr describes how to parse the CIT (Customer Interaction Tracker) database on older Windows versions,…
0
8
0
@Schamperr
Erik
3 years
RT @JamesAtack: I like where this talk is going @Schamperr / @foxit. Collect your forensic artefacts at the hypervisor. #FIRSTAMS2022 https:…
0
1
0