https://systemlog.icu/tags/incident-response/Recent content in Incident Response on SystemLogHugoen-usFri, 28 Feb 2025 00:00:00 +0000https://systemlog.icu/blog/windows-remote-access-triage-script/Fri, 28 Feb 2025 00:00:00 +0000https://systemlog.icu/blog/windows-remote-access-triage-script/Field-ready triage workflow and PowerShell script for cases where a Windows machine is suspected of remote-access compromise.https://systemlog.icu/blog/forensics-imaging-case/Sat, 15 Feb 2025 00:00:00 +0000https://systemlog.icu/blog/forensics-imaging-case/A fully anonymized walkthrough of creating a forensic disk image with dd, validating integrity, and preparing it for examination using Autopsy and QEMU.