Jun 20, 2017
This week I talk a Notepad++, a freely available code editing tool with some great options built in that are useful for inspecting forensic artifacts.
Jun 13, 2017
This week I take a look at Redline by Mandiant, a tool that offers automated memory triage and much more.
Jun 6, 2017
This week I explore the idea of using scanning tools as part of an on scene triage process in order to find hidden devices and\or to document the systems of the local network.
May 30, 2017
Looking for the ultimate DFIR checklist? This week I check out a freely available guidebook that, as the name implies, is aimed at addressing all things DFIR related A-Z.
May 23, 2017
This week I talk about the Skype artifacts forensic examiners need to be aware of.
May 16, 2017
This week I take a look at CompTia's CSA+ certification and how it fits into a DFIR career.
May 9, 2017
This week it's back to browsers with Chrome Forensics.
May 2, 2017
This week is tool review week featuring Bulk Extractor. This is a great triage tool, lab tool and all around tool to help generate leads for your case.
Apr 25, 2017
This week I take you through some of the "pain points" of using VirtualBox as a forensic machine virtualization platform. VirtualBox is freely available and is a great tool to scale your lab and field systems at a low cost. VirtualBox does not have the "easy" buttons the pay tools have but do not let that stop you. In this episode I talk about the solutions that will have you up and running.
Apr 18, 2017
This week I talk Firefox forensics and identify the artifacts examiners need to know about.
Apr 11, 2017
This week I’m talking about the Windows browser some are still surprised to learn about, MS Edge. Windows 10 comes with two browsers and in this week’s podcast I’m going to go over one of them, MS Edge, and what computer forensic examiners need to know about it.
Apr 4, 2017
This week I talk about surviving Windows Thumbcache forensics. A great source of evidence for File Use & Knowledge investigations.
Mar 28, 2017
This week I talk Linux forensics and breakdown some useful artifacts that may generate leads for investigations.
Mar 21, 2017
This week I talk about a methodology to collect webmail using freely available tools as well as the things you must consider before you do so.
Mar 14, 2017
This week I go over my survival tips for imaging solid state drives (SSDs).
Mar 7, 2017
This week I talk about threat intelligence tool Hostintel by Keith Jones.
Feb 28, 2017
This week I share some thoughts on how to approach DFIR conferences to maximize the experience. There are many to choose from and having an analytical approach may get you exactly what you want for your time and money.
Feb 21, 2017
This week I talk about my favorite Volatility plugins for File Use & Knowledge investigations to get at the volatile evidence most often targeted during a dead box exam.
Feb 14, 2017
This week I talk about FreeMind, a freely available visualization tool that can be used to enhance the computer forensic investigation process.
Feb 7, 2017
This week I talk about an openly available library and tool repository all examiners should be aware of as well as a tool by Didier Stevens called "AnalyzePESig" which is perfect for bulk analysis of executables on Windows systems.
Jan 31, 2017
This week I talk File Use & Knowledge investigations involving virtual machines. This is mainly from a dead-box exam point-of-view.
Jan 24, 2017
This week I talk about SRUM, a windows artifact with some significant forensic value for both File Use & Knowledge investigations as well as Incident Response.
Jan 17, 2017
This week I talk about considerations for digital evidence integrity when collection evidence on-scene from a live system.
Jan 10, 2017
This week I talk about surviving mobile App timestamps.
Jan 3, 2017
This week I share my thoughts on setting DFIR goals for the coming year. I go over seven points worth focusing on for professional development.