Month: August 2021

Written by Phill Moore

Week 35 – 2021

Andrew RathbunDFIRMindMaps Andrew Rathbun and Josh Mitchell at Kroll Diving Deeper into EventTranscript.db Enabling EventTranscript.db: Windows Settings EventTranscript.db and Security Events Diagnostic Data Viewer Overview Navigating EventTranscript.db With Diagnostic Data Viewer Forensic Quick Wins With EventTranscript.DB: Microsoft.Windows.ClipboardHistory.Service Tony Knutson at AboutDFIRSOF-ELK and Integration with KAPE Atomic MatryoshkaPesky Persistence: How “Turning It Off and On Again” […]

Written by Phill Moore

Week 34 – 2021

ArcPoint ForensicsBitlocker Detection From The Command Line Arman Gungor at MetaspikeTrusted Timestamping (RFC 3161) in Digital Forensics Amina Zilic at BinalyzeDRONE: Generic Webshell Analyzer Elcomsoft Apple Watch Forensics: The Adapters NAS Forensics: TrueNAS Encryption Overview Forensafe Investigating Adobe Acrobat Reader Solving Lost Flash Drive Challenge with ArtiFast Windows InfoSec Write-upsBasic Splunk 101 Walkthrough Tryhackme Kevin […]

Written by Phill Moore

Week 33 – 2021

BelkasoftHow to acquire data from an Android device using APK downgrade method ForensafeInvestigating Signal with ArtiFast Signal Kevin Pagano at Stark 4N6May I Ask Who’s Calling – Google Call Screen Matt Lombana at PraetorianHow to improve your Incident Response (IR) with Live Response Security Onion Quick Malware Analysis: malware-traffic-analysis.net pcap from 2021-05-26 Quick Malware Analysis: […]

Written by Phill Moore

Week 32 – 2021

Forensafe Investigating LastVisitedMRU Investigating Google Drive InfoSec Write-upsAutopsy Walkthrough Tryhackme Kevin Pagano at Stark 4N6Google Duo – Android & iOS Forensic Analysis Microsoft 365 SecurityDFIR: Windows and Active Directory Attacks and Persistence Doug Burks at Security Onion Quick Malware Analysis: malware-traffic-analysis.net pcap from 2021-06-03 Quick Malware Analysis: malware-traffic-analysis.net pcap from 2021-06-02 Quick Malware Analysis: malware-traffic-analysis.net […]

Written by Phill Moore

This Month In 4n6 – July – 2021

A monthly wrap-up of the DFIR news for July 2021. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes will be found here. Special […]

Written by Phill Moore

Week 31 – 2021

Lee has opened up nominations for the 2022 Forensic 4Cast Awards. This means that people can start nominating folks this year!2022 Forensic 4:cast Awards – Nominations are Open! Bob RudisAcoustic: Solving a CyberDefenders PCAP SIP/RTP Challenge with R, Zeek, tshark (& friends) DFIR ReviewMissing SQLite Records Analysis Forensafe Investigating Brave Web Browser Investigating OpenSaveMRU InfoSec […]