Category
Forensics
8 publications
Malware Analysis in an Isolated Lab: Safe Setup with FlareVM and REMnux
How to build an air-gapped lab with FlareVM and REMnux for reverse engineering real samples without contaminating your network or burning IOCs.

Disk Crypto and Backups: VeraCrypt, LUKS and a Resilient 3-2-1 Strategy
How to encrypt disks with LUKS2 and VeraCrypt and build verified 3-2-1 backups, with a recovery plan tested in the lab.

macOS Incident Forensics: UnifiedLogs, FSEvents and AULR in Practice
How Basilisk collects evidence on macOS Sonoma and Sequoia using UnifiedLogs, FSEvents and AULR without trampling the incident scene.

Memory Forensics with Volatility 3: Analyzing Dumps in a Reproducible Lab
Technical memory analysis workflow with Volatility 3, sandbox-reproduced dumps and cross-validation against Rekall and MemProcFS.

Timeline Forensics on Windows: Plaso, Log2Timeline and KAPE in Practice
Building super-timelines of a compromised Windows 11 test VM with KAPE for triage collection and Plaso parsing 200+ artifacts.

Hunting Living-off-the-Land Binaries on Windows with KQL
Production-ready KQL queries for Microsoft Defender and Sentinel to hunt LOLBin abuse from rundll32, mshta, and certutil in real environments.

Dependency Confusion and Typosquatting: Practical Defense for Dev Teams
How registry policies, lockfiles and scoping block malicious packages before they hit the build. Hands-on technical guide from the Basilisk team.

Container Forensics: Investigating Kubernetes Compromises Like a Pro
How the Basilisk team collects evidence from pods, runtime, and control plane after a suspected incident in production Kubernetes clusters.