This Month In 4n6 – October – 2020

A monthly wrap-up of the DFIR news for October 2020. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes can be found here. Special […]

Week 44 – 2020

Our first (non-beta) run of the FOR308 class is running this week with Jason Jordaan at DFIRCON, very exciting!Why did you developed the SANS FOR308:Digital Forensics Essentials course? Brett Shavers at DFIR TrainingArsenal’s Bypass Data Protection API (DPAPI) Cellebrite How to Use Cellebrite Physical Analyzer’s New Image Classification Feature Stopping criminal activity in prisons with […]

Week 43 – 2020

Share the Mic In Cyber is on again, check it out on Twitter! Arsenal ReconRevisiting Accessing Protected Content using Windows Domain Controllers and Workstations Ben Eichorst at AWS SecurityHow to automate incident response in the AWS Cloud for EC2 instances CCL GroupIndexedDB on Chromium Cellebrite Join The First Cellebrite Capture the Flag (CTF) Event Accessing […]

Week 42 – 2020

Jason Jordaan, one of my FOR308 coauthors, has shared his thoughts about our class. You can take the class with Jason at DFIRCON in November! Why should you take the FOR308: Digital Forensics Essentials? We answer this question and more. Building a House on Sand – Why Foundational Knowledge and Skills in Digital Forensics are […]

Week 41 – 2020

Andrea Fortuna at ‘So Long, and Thanks for All the Fish’How to extract sysdiagnose logs for forensic purposes on iOS Basis TechnologyIntro to DFIR: The Divide and Conquer Process (3 hours) Joshua James at Digital Forensic ScienceHex editors and data structures Elcomsoft Apple Mobile Devices Cheat Sheet Mobile Forensics: Are You Ready for iOS 14? […]

Week 40 – 2020

Abhiram KumarIntro to Linux memory forensics Cellebrite 5 Things To Look For When Investigating Cryptocurrency Crimes Cellebrite Physical Analyzer’s New Consolidated Messages Approach Chris Vance at ‘D20 Forensics’iOS – Tracking Bundle IDs for Containers, Shared Containers, and Plugins Craig Ball at ‘Ball in your Court’The Case for Native, I Swear Joshua James at Digital Forensic […]

This Month In 4n6 – September – 2020

A monthly wrap-up of the DFIR news for September 2020. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes can be found here. Special […]

Week 39 – 2020

Geri at ‘4n6 Ninja’Sharing is Caring – An Overview of Shared Albums in iOS Atropos4n6Has the user logged into this account, or not? (Google Chrome’s Web Data-Part 2) Bryan Ambrose at Data Digitally Video and Image Analysis – Authentication Microsoft Teams artifacts and chat logs Alex Caithness at CCLHang on! That’s not SQLite! Chrome, Electron […]

Week 38 – 2020

Alexis Brignoni at ‘Initialization Vectors’It’s alive! – Attachment links in Discord Abhiram KumarGetdents – Insomni’hack teaser 2020 Atropos4n6Has the user logged into this account, or not? (Google Chrome’s Login Data-Part 1) Alexi Michaels at CellebriteValidating Artifacts with Cellebrite BlackLight Chris Vance at ‘D20 Forensics’ macOS – Safari Preferences and Privacy iOS 14 – First Thoughts […]

Week 37 – 2020

We’re finishing up with Beta 2 for FOR308, and the course is scheduled to run next at DFIRCON in November. If you’re looking for an introductory DFIR class then look no further! As always, thanks to those who give a little back for their support! AbdulRhman Alfaifi at U0041Certutil Artifacts Analysis Atropos4n6Artifacts of Dropbox Usage […]