Nov 14, 2017
This week I talk about RTFM, the companion to the blue team field manual that's filled with over 1000 commands for windows and Linux.
Nov 7, 2017
This week talk about the Microsoft Evaluation Center, a resource Microsoft office to obtain evaluation versions of operating systems and products.
Oct 31, 2017
This week I interview a DFIR practitioner about some of the little known facts about a career in the industry.
Oct 24, 2017
This week I talk about the most popular artifacts to prove application execution
Oct 17, 2017
This week I interview a DFIR professional about his decision to get a Masters Degree in cyber security.
Oct 10, 2017
This week I review a freely available Windows Live Response collection tool available from BriMor Labs.
Oct 3, 2017
This week I talk Stego; what it is and what challenges is presents to DFIR professionals.
Sep 26, 2017
This week I review Blue Team Field Manual, a reference guide for DFIR practitioners.
Sep 19, 2017
This week I talk about cree.py, an OSINT tool to profile social media accounts by geolocation.
Sep 12, 2017
This week I talk how to make a forensic iPhone backup using iTunes and triage of iPhone backup files using free forensic tools.
Sep 5, 2017
This week I go over OSX Collector, a freely available tool to collect and preprocess Mac artifacts for DFIR investigations.
Aug 29, 2017
This week I talk about 4 questions about your DFIR unit from an operations standpoint to identify holes and get a better sense of your investigative capabilities.
Aug 22, 2017
This week I talk about crypto currency 2.0 and feature DASH as the example.
Aug 15, 2017
This week I provide an overview of Bitcoin forensics for examiners new to these investigations.
Aug 8, 2017
This week I break down crypto currency concepts for new computer forensic examiners.
Aug 1, 2017
This week I look talk about one of the most versatile tools for forensic triage and analysis - Strings!
Jul 25, 2017
This week I look at a methodology of capturing websites as evidence using HTTrack
Jul 18, 2017
This week I review a document put out by the Japan Computer Emergency Response Team Coordination Center on "Detecting Lateral Movement through Tracking Event Logs."
Jul 11, 2017
This week I break down the forensic value of Windows Jump lists.
Jul 4, 2017
This week I talk about how to design your own training programs using low cost\ no cost options.
Jun 27, 2017
This week I take a look at online sandboxes for malware analysis.
Jun 20, 2017
This week I talk a Notepad++, a freely available code editing tool with some great options built in that are useful for inspecting forensic artifacts.
Jun 13, 2017
This week I take a look at Redline by Mandiant, a tool that offers automated memory triage and much more.
Jun 6, 2017
This week I explore the idea of using scanning tools as part of an on scene triage process in order to find hidden devices and\or to document the systems of the local network.
May 30, 2017
Looking for the ultimate DFIR checklist? This week I check out a freely available guidebook that, as the name implies, is aimed at addressing all things DFIR related A-Z.