Week 16 – 2021

Alexis Brignoni at ‘Initialization Vectors’Android version without the build.props file SANSFOR509: Enterprise Cloud Forensics and Incident Response Barnaby SkeggsLSASS.DMP… Attacker or Admin? James Smith at DFIR MadnessCase 001 Super Timeline Analysis Kevin Pagano at Stark 4N6 BloomCon 0x05 Networks CTF – Who Am I? (Challenge 1) BloomCON 0x05 Networks CTF – Exfiltration Investigation (Challenge 2) […]

Week 15 – 2021

Andrea Fortuna at ‘So Long, and Thanks for All the Fish’Android Triage: a really useful forensic tool by Mattia Epifani BelkasoftInvestigating the Dropbox Desktop App for Windows with Belkasoft X Dr. Neal Krawetz at ‘The Hacker Factor Blog’All Spam All The Time Oleg Afonin at ElcomsoftBreaking RAR5 and 7Zip Passwords Kevin Pagano at Stark 4N6BloomCon […]

Week 14 – 2021

Arman Gungor at MetaspikeInvestigating Message Read Status in Gmail & Google Workspace Brian MaloneyYour AV is Trying to Tell You Something: Registry CCL SolutionsUpdated RabbitHole software sets new standard for forensic data exploration tools David Via and Scott Runnels at Fire Eye Threat ResearchBack in a Bit: Attacker Use of the Windows Background Intelligent Transfer […]

This Month In 4n6 – March – 2021

A monthly wrap-up of the DFIR news for March 2021. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes will be found here. Special […]