You are browsing the archive for Proxy Logs Analysis.

When good URLs are bad for business

November 15, 2020 in Forensic Analysis, Incident Response, Malware Analysis, Proxy Logs Analysis

Analyzing memory dumps comes with a price – ‘good’ information overload. One that annoys me a lot is running URL/domain extraction tools over the memdump and finding tons of legitimate […]

Monitoring unapproved apps/PUA/PUP/downware using default User Agents used by Installers

December 20, 2015 in Batch Analysis, Clustering, Forensic Analysis, Incident Response, Proxy Logs Analysis

While looking at the user agent list I shared today, I thought it might be an interesting idea to monitor unapproved/PUA/PUP/downware applications by paying attention to all downloads that are […]