
DFSP # 058 - Linux FU&K Artifacts
This week I talk Linux forensics and breakdown some useful artifacts that may generate leads for investigations.
28 Mar 201723min

DFSP # 057 - Webmail Collections
This week I talk about a methodology to collect webmail using freely available tools as well as the things you must consider before you do so.
21 Mar 201720min

DFSP # 056 - Surviving Solid State Drives
This week I go over my survival tips for imaging solid state drives (SSDs).
14 Mar 201715min

DFSP # 055 - Automated Host Intelligence
This week I talk about threat intelligence tool Hostintel by Keith Jones.
7 Mar 201725min

DFSP # 054 - Surviving the Conference Season
This week I share some thoughts on how to approach DFIR conferences to maximize the experience. There are many to choose from and having an analytical approach may get you exactly what you want for yo...
28 Feb 201715min

DFSP # 053 - Top FU&K Plugins
This week I talk about my favorite Volatility plugins for File Use & Knowledge investigations to get at the volatile evidence most often targeted during a dead box exam.
21 Feb 201723min

DFSP # 052 - Free Your Mind
This week I talk about FreeMind, a freely available visualization tool that can be used to enhance the computer forensic investigation process.
14 Feb 201721min

DFSP # 051 - Analyzing PE Signatures
This week I talk about an openly available library and tool repository all examiners should be aware of as well as a tool by Didier Stevens called "AnalyzePESig" which is perfect for bulk analysis of...
7 Feb 201719min


















