Sinopsis
Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.
Episodios
-
![DFSP # 235 - Scheduled Task Change]()
DFSP # 235 - Scheduled Task Change
18/08/2020 Duración: 17minThis week I talk about examining Windows Scheduled Task change events for evidence of persistence.
-
![DFSP # 234 - Divide Conquer with Brian Carrier]()
DFSP # 234 - Divide & Conquer with Brian Carrier
11/08/2020 Duración: 21minThis week I interview Brian Carrier, SVP & CTO of Basis Technology about his "Divide & Conquer" approach to DFIR investigations.
-
![DFSP # 233 - New Scheduled Tasks]()
DFSP # 233 - New Scheduled Tasks
04/08/2020 Duración: 21minThis week I talk about examining Windows New Scheduled Task events for evidence of persistence.
-
![DFSP # 232 - Exam Process - Soup-to-Nuts]()
DFSP # 232 - Exam Process - Soup-to-Nuts
28/07/2020 Duración: 32minThis week Chris of MSAB shares his recommended process for DFIR exam standardization.
-
![DFSP # 231 - Service Change Triage]()
DFSP # 231 - Service Change Triage
21/07/2020 Duración: 18minThis week I talk about examining Windows Service modification events for evidence of persistence.
-
![DFSP # 230 - User Activity Artifacts]()
DFSP # 230 - User Activity Artifacts
14/07/2020 Duración: 21minThis week I talk about the artifacts and methodology for examining user activity on Windows systems.
-
![DFSP # 229 - Mobile Attacks Part 2]()
DFSP # 229 - Mobile Attacks Part 2
07/07/2020 Duración: 20minThis week is part 2 of the Mobile Attack series.
-
![DFSP # 228 - Psychology of Reporting]()
DFSP # 228 - Psychology of Reporting
30/06/2020 Duración: 23minThis week I interview Steve Whalen of SUMURI and we talk about effective ways to report forensic findings.
-
![DFSP # 227 - New Service Triage]()
DFSP # 227 - New Service Triage
23/06/2020 Duración: 13minThis week I talk about examining Windows systems for evidence of persistence.
-
![DFSP # 226 - User Logons]()
DFSP # 226 - User Logons
16/06/2020 Duración: 16minThis week I talk about a triage methodology for examining user activity.
-
![DFSP # 225 - Mobile Device Attacks]()
DFSP # 225 - Mobile Device Attacks
09/06/2020 Duración: 16minThis week I talk about mobile device compromise.
-
![DFSP # 224 - Conhost Forensics]()
DFSP # 224 - Conhost Forensics
02/06/2020 Duración: 21minThis week I talk about examining Conhost data for evidence of execution.
-
![DFSP # 223 - Apple Meta]()
DFSP # 223 - Apple Meta
26/05/2020 Duración: 28minThis week I interview Steve Whalen of SUMURI about Apple metadata.
-
![DFSP # 222 - User Enumeration]()
DFSP # 222 - User Enumeration
19/05/2020 Duración: 12minThis week I talk about a triage methodology for examining suspicious user accounts.
-
![DFSP # 221 - Mobile Device Security]()
DFSP # 221 - Mobile Device Security
12/05/2020 Duración: 14minThis week I talk about mobile device operating system and file system security, focusing specifically on applications.
-
![DFSP # 220 - Mobile Forensics For New Investigators]()
DFSP # 220 - Mobile Forensics For New Investigators
05/05/2020 Duración: 35minThis week I interview MSAB instructor Chris Currier about mobile forensics for new examiners.
-
![DFSP # 219 - Forensic Grab Bag]()
DFSP # 219 - Forensic Grab Bag
28/04/2020 Duración: 17minThis week I talk about persistence, malware analysis and identifying system owners.
-
![DFSP # 218 - Plaso Elk Timelines]()
DFSP # 218 - Plaso & Elk Timelines
21/04/2020 Duración: 13minThis week I talk about SOF-ELK to take your timelines to a new level
-
![DFSP # 217 - Static Malware Analysis]()
DFSP # 217 - Static Malware Analysis
14/04/2020 Duración: 12minThis week I talk about CFF Explorer.
-
![DFSP # 216 - DHASH]()
DFSP # 216 - DHASH
07/04/2020 Duración: 15minThis week I talk with MSAB about DHASH, learn what it is and its use in DFIR investigations
