Week 17 – 2019

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, thanks to those who give a little back for their support! FORENSIC ANALYSIS: Eric Zimmerman has released an Event Log parsing utility, EvtxECmd (Introducing EvtxECmd!!). Damian Pfammatter at Compass Security explains the various event log entries that are useful […]

Week 16 – 2019

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, thanks to those who give a little back for their support! FORENSIC ANALYSIS: Andrea Fortuna at ‘So Long, and Thanks for All the Fish’ demonstrates how to extract useful data from the pagefile using strings, grep, and YARA. How […]

Week 15 – 2019

As always, thanks to those who give a little back for their support! FORENSIC ANALYSIS: Brian Moran has updated the BriMor Live Response Collection to include many more Mac artifacts, including logs and browser history; there are a few Windows collection updates as well! (Live Response Collection – Cedarpelta.) Danny Garcia at Cellebrite gives an overview […]

Week 14 – 2019

Thanks to Lodrina for her contributions. As always, thanks to those who give a little back for their support! FORENSIC ANALYSIS: Richard Frawley at ADF posted a couple of articles this week. He describes how to perform a RAM capture (Collect RAM on a Live Computer) and demonstrates how to use DEI to boot scan […]

This Month In 4n6 – March – 2019

A monthly wrap-up of the DFIR news for March 2019. **** Apologies for the sound quality up front. I had some bad luck that meant my laptop died last week, so was using a loaner and turns out it recorded with the inbuilt mic instead of my proper one. **** Nominate “This Week in 4n6” […]

Week 13 – 2019

Thanks to Lodrina for her work. As always, thanks to those who give a little back for their support! FORENSIC ANALYSIS: Arman Gungor at Metaspike explains the Content-Length header field found in e-mails, as well as how to preserve and use it in an investigation (Using the Content-Length Header Field in Email Forensics). Cyrill Brunschwiler […]

Week 12 – 2019

Had an exciting week in Singapore with the students of the FOR500 Windows Forensics Analysis class and learned a lot about content delivery and teaching from Ovie! Plus a chance to hang out with the other great instructors that were in town. As always, thanks to those who give a little back for their support! […]