Synopsis
Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.
Episodes
-
DFSP # 375 - More AI with SUMURI
25/04/2023 Duration: 30min
This week Jason Roslewicz from SUMURI returns to talk more about AI issues.
-
DFSP # 374 - SRUM
18/04/2023 Duration: 15min
This week I break down the Windows System Resource Usage Monitor from a DFIR point of view.
-
DFSP # 373 - Linux File Poisoning
11/04/2023 Duration: 19min
This week I cover some malware detection methods for Linux.
-
DFSP # 372 - Windows Processes
04/04/2023 Duration: 25min
This week I talk about different ways to approach Windows process triage. There are so many processes, especially in enterprise environments, that having a standard approach that is fast and effective is key for security incident response.
-
DFSP # 371 - AI with SUMURI
28/03/2023 Duration: 26min
This week Jason Roslewicz from SUMURI shares his insights about the impact of artificial intelligence and provides advice for navigating through changing times.
-
DFSP # 370 - UserAssist
21/03/2023 Duration: 18min
This week is a Windows artifact breakdown on a common source of evidence.
-
DFSP # 369 - Linux Malware
14/03/2023 Duration: 17min
This week I cover malware on Linux file systems for new examiners.
-
DFSP # 368 - SVCHOST
07/03/2023 Duration: 15min
This week is a guide to understanding SVCHOST from a DFIR point of view. It is one of the most abused Windows processes, and having a firm working knowledge for investigations is essential.
-
DFSP # 367 - Shimcache Amcache
28/02/2023 Duration: 15min
This week is a Windows artifact breakdown on a common source of evidence.
-
DFSP # 366 - Linux File System
21/02/2023 Duration: 15min
This week I cover the Linux file system for new examiners.
-
DFSP # 365 - CVSS Triage
14/02/2023 Duration: 16min
This week I break down the elements within a standard CVSS report for fast triage application.
-
DFSP # 364 - Network Triage
07/02/2023 Duration: 14min
This week I talk about how to triage Windows events for network connection activity.
-
DFSP # 363 - RDP Forensics
31/01/2023 Duration: 17min
This week I talk about how to approach investigations involving remote desktop connections.
-
DFSP # 362 - Windows Core Processes
24/01/2023 Duration: 19min
This week I talk about Windows core processes from a DFIR point of view.
-
DFSP # 361 - Powershell Breakdown
17/01/2023 Duration: 15min
This week I talk about PowerShell attack IOCs.
-
DFSP # 360 - Permitted Events
10/01/2023 Duration: 13min
This week I talk about how to triage Windows events for network connection activity.
-
DFSP # 359 - Career Checkpoint
03/01/2023 Duration: 15min
This week is my annual career assessment review - or, my guidelines for how to evaluate your past performance and your future goals.
-
DFSP # 358 - Listening Ports
27/12/2022 Duration: 16min
This week I talk about how to triage Windows events for network listening activity.
-
DFSP # 357 - EVTX Analysis
20/12/2022 Duration: 15min
This week I talk about an approach for reviewing Windows event logs.
-
DFSP # 356 - CMD Triage
13/12/2022 Duration: 14min
This week I talk about an approach for reviewing CMD syntax for findings.