Tag: tooling

All the articles with the tag "tooling".

• cloud forensics tooling

  Defender Timeline Downloader: Extending Data Retention for Incident Response

  20 Jan, 2026

  A technical deep dive into overcoming Microsoft Defender for Endpoint's 30-day API retention limit. This post details the architecture and authentication mechanisms of a new Go-based tool that automates the extraction of the full six-month timeline data.

• malware analysis tooling

  From Analysis to Tooling: Automating Amatera C2 Extraction

  31 Dec, 2025

  A technical update on Acreed analysis, detailing CAPE Sandbox contributions and a new unified static-dynamic extractor for Amatera.