Sep 19, 2017
This week I talk about cree.py, an OSINT tool to profile social media accounts by geolocation.
Sep 12, 2017
This week I talk about how to make a forensic iPhone backup using iTunes and triage of iPhone backup files using free forensic tools.
Sep 5, 2017
This week I go over OSX Collector, a freely available tool to collect and preprocess Mac artifacts for DFIR investigations.
Aug 29, 2017
This week I talk about 4 questions about your DFIR unit from an operations standpoint to identify holes and get a better sense of your investigative capabilities.
Aug 22, 2017
This week I talk about cryptocurrency 2.0 and feature DASH as the example.
Aug 15, 2017
This week I provide an overview of Bitcoin forensics for examiners new to these investigations.
Aug 8, 2017
This week I break down cryptocurrency concepts for new computer forensic examiners.
Aug 1, 2017
This week I talk about one of the most versatile tools for forensic triage and analysis - Strings!
Jul 25, 2017
This week I look at a methodology of capturing websites as evidence using HTTrack.
Jul 18, 2017
This week I review a document put out by the Japan Computer Emergency Response Team Coordination Center on "Detecting Lateral Movement through Tracking Event Logs."
Jul 11, 2017
This week I break down the forensic value of Windows Jump lists.
Jul 4, 2017
This week I talk about how to design your own training programs using low-cost/no-cost options.
Jun 27, 2017
This week I take a look at online sandboxes for malware analysis.
Jun 20, 2017
This week I talk about Notepad++, a freely available code editing tool with some great options built in that are useful for inspecting forensic artifacts.
Jun 13, 2017
This week I take a look at Redline by Mandiant, a tool that offers automated memory triage and much more.
Jun 6, 2017
This week I explore the idea of using scanning tools as part of an on-scene triage process in order to find hidden devices and/or to document the systems of the local network.
May 30, 2017
Looking for the ultimate DFIR checklist? This week I check out a freely available guidebook that, as the name implies, is aimed at addressing all things DFIR related A-Z.
May 23, 2017
This week I talk about the Skype artifacts forensic examiners need to be aware of.
May 16, 2017
This week I take a look at CompTIA's CSA+ certification and how it fits into a DFIR career.
May 9, 2017
This week it's back to browsers with Chrome Forensics.
May 2, 2017
This week is tool review week featuring Bulk Extractor. This is a great triage tool, lab tool and all-around tool to help generate leads for your case.
Apr 25, 2017
This week I take you through some of the "pain points" of using VirtualBox as a forensic machine virtualization platform. VirtualBox is freely available and is a great tool to scale your lab and field systems at a low cost. VirtualBox does not have the "easy" buttons the pay tools have but do not let that stop you. In this episode I talk about the solutions that will have you up and running.
Apr 18, 2017
This week I talk Firefox forensics and identify the artifacts examiners need to know about.
Apr 11, 2017
This week I’m talking about the Windows browser some are still surprised to learn about, MS Edge. Windows 10 comes with two browsers and in this week’s podcast I’m going to go over one of them, MS Edge, and what computer forensic examiners need to know about it.
Apr 4, 2017
This week I talk about surviving Windows Thumbcache forensics. A great source of evidence for File Use & Knowledge investigations.