
DFSP # 347 - Weblogs
This week is a breakdown of HTTP log forensic triage.
11 Loka 202224min

DFSP # 346 - Masquerading
This week I talk about finding evidence of Kernel file masquerading on Linux systems.
4 Loka 202215min

DFSP # 345 - AutoRuns
This week I talk about how to find evidence of malicious autoruns in the windows registry.
27 Syys 202218min

DFSP # 344 - Mac Spotlight DB
This week I talk about the forensic value of the Apple Spotlight DB.
20 Syys 202218min

DFSP # 343 - Registry aka The Dungeon Maze
When you talk autoruns you must talk about the Windows registry. This artifact is very dense and it may be difficult to zero in on the elements that are important for compromise assessment. Given that...
13 Syys 202211min

DFSP # 342 - FLUX It
This week I talk about the attack methodology known as Fast Flux.
6 Syys 202214min

DFSP # 341 - Those other taskers
This week's focus is on other scheduled task events useful for DFIR triage.
30 Elo 202214min

DFSP # 340 - PSEXEC, ready or not
This week I talk about a popular Windows utility attackers often exploit.
23 Elo 202217min









