Synopsis
Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.
Episodes
-
DFSP # 215 - CMSTP Forensics
31/03/2020 Duration: 14min
This week I cover triaging CMSTP for remote execution
-
DFSP # 214 - CyberChef
24/03/2020 Duration: 20min
This week I explain why you need CyberChef in your toolbox
-
DFSP # 213 - Trusted Developer Utilities
17/03/2020 Duration: 14min
This week I talk DFIR triage for Microsoft Trusted Dev Utilities
-
DFSP # 212 - Learning Python
10/03/2020 Duration: 14min
This week I review resources aimed at teaching you Python
-
DFSP # 211 - Mac Forensics with Steve Whalen
03/03/2020 Duration: 33min
This week I interview Steve Whalen from SUMURI about the current Mac Forensic landscape
-
DFSP # 210 - Pivot Tables for Forensics
25/02/2020 Duration: 18min
This week I talk about Pivot Tables and their value for DFIR investigations
-
DFSP # 209 - Mac Autoruns
18/02/2020 Duration: 13min
This week I talk about common autorun locations to check during Mac exams
-
DFSP # 208 - Persistence Fast Triage
11/02/2020 Duration: 19min
This week I talk about a fast triage methodology to detect persistence on Windows systems
-
DFSP # 207 - Forensic Grab Bag
04/02/2020 Duration: 17min
This week I talk about tools available on the SIFT workstation... that you may not know are even there!
-
DFSP # 206 - Certutil Abuse
28/01/2020 Duration: 16min
This week I break down certutil exploitation: what it is and methods to detect malicious usage
-
DFSP # 205 - Layered Drivers
21/01/2020 Duration: 10min
This week I talk about using layered drivers as an artifact to identify persistence
-
DFSP # 204 - SOF ELK
14/01/2020 Duration: 13min
This week I talk about SOF ELK, a freely available pre-built virtual appliance for DFIR work
-
DFSP # 203 - Profile of a modern analyst
07/01/2020 Duration: 16min
This week I start the year with my traditional "back-to-basics" episode, focusing on self-improvement themes and goals to consider
-
DFSP # 202 - Base64 Forensics
31/12/2019 Duration: 13min
This week I talk about dealing with Base64 evidence.
-
DFSP # 201 - Regsvcs Triage
24/12/2019 Duration: 12min
This week I talk about identifying REGSVC \ REGASM abuse
-
DFSP # 200 - Audit Log Clearing
17/12/2019 Duration: 16min
This week I talk about different types of audit log clearing and detection strategies
-
DFSP # 199 - Hashdeep
10/12/2019 Duration: 16min
This week I talk about using Hashdeep for forensic triage
-
DFSP # 198 - Linux Malware Detect
03/12/2019 Duration: 11min
This week I talk about LMD, an openly available tool to increase Linux security posture.
-
DFSP # 197 - Approaching Network Forensics
26/11/2019 Duration: 21min
This week I talk about network forensic methodology.
-
DFSP # 196 - autoLLR
19/11/2019 Duration: 14min
This week I talk about autoLLR, a script to automate evidence collection on live Linux systems as well as artifact post processing.