Jul 3, 2018
This week I talk about the security changes coming with iOS 11.4
Jun 26, 2018
This week I talk about IP address and domain triage for computer forensic investigations.
Jun 19, 2018
This week I talk about ATT&CK for Enterprise
Jun 12, 2018
This week I talk about getting started in scripting
Jun 5, 2018
This week I talk about Rita, a free Threat Hunting Tool from Black Hills Information Security
May 29, 2018
This week I review mft2csv
May 22, 2018
This week I talk about Linux triage using the /.bash_history artifact
May 15, 2018
This week I review two tools for extracting and parsing USNJRNL evidence.
May 8, 2018
This week I talk about a clever way to leverage Volatility to triage malware on a target system
May 1, 2018
This week I talk about 6 different prefetch tools that are FREE!
Apr 24, 2018
This week I talk about keeping up with attack intelligence.
Apr 17, 2018
This week I do a tool review of CYLR and CDQR - perhaps the easiest way to build an awesome timeline
Apr 10, 2018
This week I talk how common ports plays into network forensics.
Apr 3, 2018
This week I go over some Network Forensic artifacts and what they offer to an investigation.
Mar 27, 2018
This week I review two freely available forensic tools from Foxton Forensics
Mar 20, 2018
This week I talk about OLEDump, a malware analysis tool for investigating suspicious macros in MS Office documents
Mar 13, 2018
This week I talk about Cutter, a static malware analysis tool by Radare
Feb 27, 2018
This week I go over an easy way to get set-up to start using crypto-currency to testing \ validation \ and self-training purposes
Feb 20, 2018
This week I interview an industry expert about mobile device JTAG and ISP forensics.
Feb 13, 2018
This week I talk about the userassist artifact for file use and knowledge investigations.
Feb 6, 2018
This week I talk about resolving USB usage back to specific systems and user accounts.
Jan 30, 2018
This week I talk about Windows Explorer evidence.
Jan 23, 2018
This week I talk about Windows Shellbags.
Jan 16, 2018
This week I continue the back to basics series with talk on the Windows Shimcache.
Jan 9, 2018
This week it's a refresher on the Windows Prefetch, a core Microsoft artifact every examiner should know.