Digital Forensic Survival Podcast

Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.
RSS Feed
Digital Forensic Survival Podcast


All Episodes
Now displaying: Page 1
Mar 21, 2017

This week I talk about a methodology to collect webmail using freely available tools as well as the things you must consider before you do so.

Mar 14, 2017

This week I go over my survival tips for imaging solid state drives (SSDs).

Mar 7, 2017

This week I talk about threat intelligence tool Hostintel by Keith Jones.

Feb 28, 2017

This week I share some thoughts on how to approach DFIR conferences to maximize the experience. There are many to choose from and having an analytical approach may get you exactly what you want for your time and money.

Feb 21, 2017

This week I talk about my favorite Volatility plugins for File Use & Knowledge investigations to get at the volatile evidence most often targeted during a dead box exam.

Feb 14, 2017

This week I talk about FreeMind, a freely available visualization tool that can be used to enhance the computer forensic investigation process.

Feb 7, 2017

This week I talk about an openly available library and tool repository  all examiners should be aware of as well as a tool by Didier Stevens called "AnalyzePESig" which is perfect for bulk analysis of executables on Windows systems.

Jan 31, 2017

This week I talk File Use & Knowledge investigations involving virtual machines. This is mainly from a dead-box exam point-of-view.

Jan 24, 2017

This week I talk about SRUM, a windows artifact with some significant forensic value for both File Use & Knowledge investigations as well as Incident Response.

Jan 17, 2017

This week I talk about considerations for digital evidence integrity when collection evidence on-scene from a live system.

Jan 10, 2017

This week I talk about surviving mobile App timestamps.

Jan 3, 2017

This week I share my thoughts on setting DFIR goals for the coming year. I go over seven points worth focusing on for professional development.

Dec 27, 2016

This week I talk DMA (direct memory access) exploits as a technique to bypass passwords of a live system to conduct imaging - with legal authority of course.

Dec 20, 2016

This week I talk about a useful automated file intelligence resource for dead box exam as well as IR investigations.

Dec 13, 2016

This week I go over survival tips for imaging a Mac.

Dec 6, 2016

This week I about the format change for Windows 10 Prefetch files as well as a freely available tool to decompress and present .pf file data.

Nov 29, 2016

This week I'm talking .Trash. I cover the forensic basics of this Mac artifact that examiners need to know.

Nov 22, 2016

This week I talk about Mac Log files that are useful for File Use & Knowledge investigations as well as Incident Response.

Nov 15, 2016

This week I talk about Apache weblogs and a great resource for foundational knowledge at aid newer examiners with forensic analysis. In addition, big news for the SDF series!

Nov 8, 2016

This week it's back to Mac forensics with a look at the the Finder Sidebar and it's value for File Use & Knowledge investigations.

Nov 1, 2016

This week I pull back the focus for newer examiners and share some thoughts on creating a system that works for you to organize, and keep readily accessible, all the knowledge you accumulate..... and a few words about Shimcache on Windows 10.

Oct 25, 2016

This week I breakdown iCloud forensic artifacts.

Oct 18, 2016

This week I talk about where to find different listing of different recently accessed files on a Mac as well as how to break out the data for interpretation.

Oct 11, 2016

This week I go over some of my favorite Mac tools.

Oct 4, 2016

This week I talk about some common PLISTS to check as part of an initial system triage.

1 2 3 Next »