Info

Digital Forensic Survival Podcast

Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.
RSS Feed
Digital Forensic Survival Podcast
2024
October
September
August
July
June
May
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February


All Episodes
Archives
Now displaying: May, 2024
May 28, 2024

TCP control bits are part of the TCP header and are used to manage the connection between two devices. These control bits are single-bit flags that indicate various aspects of the TCP connection and are important for understanding and analyzing network traffic...

May 21, 2024

The time it takes from an initial escalation to the initial discovery of compromise is a key metric. Teams strive to do this as quickly as possible, but there are a number of challenges. You do not know what you're going to be handed, but you're pretty much guaranteed It's going to be a unique set of circumstances that require some type of customized or mostly customized response. So how do you accomplish this? Most analyst rely on a set of tried and true various techniques that can be used at scale. This week I'm going to cover a few of them, each being a critical technique you should be familiar with for forensic investigations...

May 14, 2024

Windows Scheduled Tasks are often used by attackers to establish persistence. As an analyst, you want to be aware of the different windows event codes that record these details. These artifacts come up in just about every windows compromise assessment, consider them core triage skills. There are several events, all of which I will go over in this episode. I will break them down from a DFIR point of view and give you the triage methodology...

May 7, 2024

This week I talk about career moves for the DFIR professional. The skill set is valuable, but it must be combined with the right additional technical skills to maximize future job opportunities. Of course, there is one skill set that stands out above the rest...

1