A memory forensics investigation into the Amadey Trojan Stealer — tracing persistence mechanisms, C2C communications, and lateral movement through a compromised Windows workstation.

A network forensics investigation using Wireshark and Threat Intelligence to trace how a machine was compromised and sensitive company data was exfiltrated.

A memory forensics investigation using Volatility and Strings to trace an attacker who bypassed NIDS, identify the malware family, and uncover every footprint left behind.