This Month In 4n6 – August – 2021

A monthly wrap-up of the DFIR news for August 2021. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes will be found here. Special […]

Week 35 – 2021

Andrew Rathbun DFIRMindMaps Andrew Rathbun and Josh Mitchell at Kroll Diving Deeper into EventTranscript.db Enabling EventTranscript.db: Windows Settings EventTranscript.db and Security Events Diagnostic Data Viewer Overview Navigating EventTranscript.db With Diagnostic Data Viewer Forensic Quick Wins With EventTranscript.DB: Microsoft.Windows.ClipboardHistory.Service Tony Knutson at AboutDFIR SOF-ELK and Integration with KAPE Atomic Matryoshka Pesky Persistence: How “Turning It Off and On Again” […]

Week 34 – 2021

ArcPoint Forensics Bitlocker Detection From The Command Line Arman Gungor at Metaspike Trusted Timestamping (RFC 3161) in Digital Forensics Amina Zilic at Binalyze DRONE: Generic Webshell Analyzer Elcomsoft Apple Watch Forensics: The Adapters NAS Forensics: TrueNAS Encryption Overview Forensafe Investigating Adobe Acrobat Reader Solving Lost Flash Drive Challenge with ArtiFast Windows InfoSec Write-ups Basic Splunk 101 Walkthrough Tryhackme Kevin […]

Week 33 – 2021

Belkasoft How to acquire data from an Android device using APK downgrade method Forensafe Investigating Signal with ArtiFast Signal Kevin Pagano at Stark 4N6 May I Ask Who’s Calling – Google Call Screen Matt Lombana at Praetorian How to improve your Incident Response (IR) with Live Response Security Onion Quick Malware Analysis: malware-traffic-analysis.net pcap from 2021-05-26 Quick Malware Analysis: […]

Week 32 – 2021

Forensafe Investigating LastVisitedMRU Investigating Google Drive InfoSec Write-ups Autopsy Walkthrough Tryhackme Kevin Pagano at Stark 4N6 Google Duo – Android & iOS Forensic Analysis Microsoft 365 Security DFIR: Windows and Active Directory Attacks and Persistence Doug Burks at Security Onion Quick Malware Analysis: malware-traffic-analysis.net pcap from 2021-06-03 Quick Malware Analysis: malware-traffic-analysis.net pcap from 2021-06-02 Quick Malware Analysis: malware-traffic-analysis.net […]

This Month In 4n6 – July – 2021

A monthly wrap-up of the DFIR news for July 2021. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes will be found here. Special […]

Week 31 – 2021

Lee has opened up nominations for the 2022 Forensic 4Cast Awards. This means that people can start nominating folks this year! 2022 Forensic 4:cast Awards – Nominations are Open! Bob Rudis Acoustic: Solving a CyberDefenders PCAP SIP/RTP Challenge with R, Zeek, tshark (& friends) DFIR Review Missing SQLite Records Analysis Forensafe Investigating Brave Web Browser Investigating OpenSaveMRU InfoSec […]

Week 30 – 2021

Thanks to everyone that voted for this site for “Resource of the Year”. Congratulations to all of the winners! 2021 Forensic 4:cast Awards – Results Alexis Brignoni at ‘Initialization Vectors’ vLEAPP – Vehicle Logs Events And Properties Parser Howie Shia at Amnesty International Forensic Methodology Report: How to catch NSO Group’s Pegasus Bill Marczak, John Scott-Railton, Siena Anstis, […]

Week 29 – 2021

Last week to get your votes in for the Forensic 4Cast Awards! If you haven’t voted yet, you can vote here: don’t delay! While I would love to win an award again, getting nominated as a top resource for the community is definitely something to be proud of (this will be my fifth year getting […]

Week 28 – 2021

Kroll Forensically Unpacking EventTranscript.db: An Investigative Series EventTranscript.db Research Parsing Diagnostic Data With Powershell and Enhanced Logging Parsing EventTranscript.db With KAPE and SQLECmd Forensic Quick Wins With EventTranscript.DB: Win32kTraceLogging EventTranscript.db vs .rbs Files and Their Relation to DiagTrack Andrea Fortuna at ‘So Long, and Thanks for All the Fish’ Some thoughts about Stuxnet B. Krishna Sai […]