Mar 20, 2018
This week I talk about OLEDump, a malware analysis tool for investigating suspicious macros in MS Office documents
Mar 13, 2018
This week I talk about Cutter, a static malware analysis tool by Radare
Feb 27, 2018
This week I go over an easy way to get set-up to start using crypto-currency to testing \ validation \ and self-training purposes
Feb 20, 2018
This week I interview an industry expert about mobile device JTAG and ISP forensics.
Feb 13, 2018
This week I talk about the userassist artifact for file use and knowledge investigations.
Feb 6, 2018
This week I talk about resolving USB usage back to specific systems and user accounts.
Jan 30, 2018
This week I talk about Windows Explorer evidence.
Jan 23, 2018
This week I talk about Windows Shellbags.
Jan 16, 2018
This week I continue the back to basics series with talk on the Windows Shimcache.
Jan 9, 2018
This week it's a refresher on the Windows Prefetch, a core Microsoft artifact every examiner should know.
Jan 2, 2018
This week I kick off a revisit of the fundamentals helpful to all new examiners.
Dec 26, 2017
This week I go over some "go to" Windows Event Logs.
Dec 19, 2017
This week I talk about Mac Logs, namely the new Unified Logging in OS X and how this impacts forensic exams.
Dec 12, 2017
This week I talk about the "built-in" eDiscovery tools for Office 365
Dec 5, 2017
This week I break down the different variations of the "malware analyst." Do you qualify as one?
Nov 28, 2017
This week I talk about the volatility plug-ins for autopsy that allow you to do memory forensics in the autopsy forensic console.
Nov 21, 2017
This week I talk about the new file system released by Apple, APFS, and what it means for forensic examiners.
Nov 14, 2017
This week I talk about RTFM, the companion to the blue team field manual that's filled with over 1000 commands for windows and Linux.
Nov 7, 2017
This week talk about the Microsoft Evaluation Center, a resource Microsoft office to obtain evaluation versions of operating systems and products.
Oct 31, 2017
This week I interview a DFIR practitioner about some of the little known facts about a career in the industry.
Oct 24, 2017
This week I talk about the most popular artifacts to prove application execution
Oct 17, 2017
This week I interview a DFIR professional about his decision to get a Masters Degree in cyber security.
Oct 10, 2017
This week I review a freely available Windows Live Response collection tool available from BriMor Labs.
Oct 3, 2017
This week I talk Stego; what it is and what challenges is presents to DFIR professionals.
Sep 26, 2017
This week I review Blue Team Field Manual, a reference guide for DFIR practitioners.