Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Eric Zimmerman has released an Event Log parsing utility, EvtxECmd Introducing EvtxECmd!!  Damian Pfammatter at Compass Security explains the various event log entries that are useful […]

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Andrea Fortuna at ‘So Long, and Thanks for All the Fish’ demonstrates how to extract useful data from the pagefile using strings, grep, and YARA How […]

As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Brian Moran has updated the BriMor Live Response Collection to include many more Mac artifacts including logs and browser history; there’s a few Windows collection updates as well! Live Response Collection – Cedarpelta Danny Garcia at Cellebrite gives an overview […]

Thanks to Lodrina for her contributions As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Richard Frawley at ADF posted a couple of articles this week He describes how to perform a RAM capture Collect RAM on a Live Computer And demonstrates how to use DEI to boot scan […]

Thanks to Lodrina for her work. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Arman Gungor at Metaspike explains the Content-Length header field found in e-mails, as well as how to preserve and use it in an investigation Using the Content-Length Header Field in Email Forensics Cyrill Brunschwiler […]

Had an exciting week in Singapore with the students of the FOR500 Windows Forensics Analysis class and learned a lot about content delivery and teaching from Ovie! Plus a chance to hang out with the other great instructors that were in town. As always, Thanks to those who give a little back for their support! […]