Week 19 – 2021

Angry-Bender’s blog house: DFIR Playbook – Windows Forensics (WIP APR21); John Walther at Carpe Indicium: Cleaner Office365 logs with Excel and Magnet Custom Artifact Generator; Heather Mahalik at Cellebrite: UFED Fundamentals Matter – You Asked, We Answered; Dexter Morgan at Data Forensics: How to Find Who Deleted Records in SQL Server? Perfect Workarounds; Dr. Neal Krawetz at ‘The Hacker Factor […]

This Month In 4n6 – April – 2021

A monthly wrap-up of the DFIR news for April 2021. Special thanks to guest host Chapin Bryce, who offered to share his thoughts this month since I wasn’t able to put the podcast together. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that […]

Week 18 – 2021

Alexis Brignoni: Identifying the Android Operating System Version thru UsageStats; Didier Stevens: Quickpost: Decrypting Cobalt Strike Traffic; Forensafe: Investigating Windows Services; Investigating Internet Explorer Web Browser; Kyle Song: Blog #28: IPv6 in TeamViewer (v15) part 2. [EN]; Jamie McQuaid at Magnet Forensics: Virtualizing Your Forensics Lab in the Cloud Part 5: Securing Your Evidence in Microsoft Azure; Meisam Eslahi at […]

Week 17 – 2021

Lukasz D at Compass Security: Straightforward Mobile Forensics; DS Tools: WhatsApp in Plain Sight: Where and How You Can Collect Forensic Artifacts; DS4N6: The DS-DFIR (Data Science for DFIR) Trip Starts… Jump In!; Try the ds4n6_lib in the Cloud in minutes; What is the DS4N6 Library (ds4n6_lib)?; New DS4N6 library (ds4n6_lib) released!; Erik Hjelmvik at Netresec: Analysing a […]

Week 16 – 2021

Alexis Brignoni at ‘Initialization Vectors’: Android version without the build.props file; SANS: FOR509: Enterprise Cloud Forensics and Incident Response; Barnaby Skeggs: LSASS.DMP… Attacker or Admin?; James Smith at DFIR Madness: Case 001 Super Timeline Analysis; Kevin Pagano at Stark 4N6: BloomCon 0x05 Networks CTF – Who Am I? (Challenge 1); BloomCON 0x05 Networks CTF – Exfiltration Investigation (Challenge 2) […]

Week 15 – 2021

Andrea Fortuna at ‘So Long, and Thanks for All the Fish’: Android Triage: a really useful forensic tool by Mattia Epifani; Belkasoft: Investigating the Dropbox Desktop App for Windows with Belkasoft X; Dr. Neal Krawetz at ‘The Hacker Factor Blog’: All Spam All The Time; Oleg Afonin at Elcomsoft: Breaking RAR5 and 7Zip Passwords; Kevin Pagano at Stark 4N6: BloomCon […]

Week 14 – 2021

Arman Gungor at Metaspike: Investigating Message Read Status in Gmail & Google Workspace; Brian Maloney: Your AV is Trying to Tell You Something: Registry; CCL Solutions: Updated RabbitHole software sets new standard for forensic data exploration tools; David Via and Scott Runnels at Fire Eye Threat Research: Back in a Bit: Attacker Use of the Windows Background Intelligent Transfer […]

This Month In 4n6 – March – 2021

A monthly wrap-up of the DFIR news for March 2021. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes will be found here. Special […]

Week 13 – 2021

Jason Jordaan, one of my FOR308 co-authors, needs your help! Please fill out the survey on DFIR fundamentals below (and go in the draw to win a $250 Amazon voucher). Survey Now Open: 2021 SANS Digital Forensics Survey: Digital Forensics Essentials and Why Foundations Matter; Abhiram Kumar: What App Is On Fire? – Securinets Quals 2021; Marco […]

Week 12 – 2021

I ran a webcast last month on getting started in DFIR by testing, and walked through a few different scenarios. Minor bump at the beginning with my VM dying, but at least we knew it was live! I took some parts of my FOR308 and FOR500 material to create this talk, where the premise is […]