…mas ajuda muito (but it helps)!
Whether you work as a Windows system admin or are doing Incident Response – spending a chunk of time practicing coding will benefit you. I will bet if you dedicate some time to writing python code to parse forensic artifacts, you will learn more about the systems you work on, as well as understand more of the language surrounding problems like Log4j.
Last week I was trying to troubleshoot an odd issue and I found that I could generate logs for the program I wanted to look at. The logs generated in a .txt format but manually CTRL-F’ing my way through them was tedious and inefficient due to the size of the file.
The information I wanted was mixed in with a bunch of irrelevant data.
I only wanted the lines with the message “Warning” so I could see log content that applied to the issue.
In under 5 minutes, was able to pull out one of my forensic parsing scripts, make a few changes and send the relevant information to the Python interpreter – cleaning the data to what I needed.
Fairly instant results instead of spending at least half an hour scrolling or searching for the activity.
If you have the time and mental space, learning Python (especially for forensics) is a really valuable skill-XRay glasses into the systems we work with.
My code for this and other projects is available here: https://github.com/DFIRLore