
DFSP # 050 - Virtual Machine Forensics
This week I talk File Use & Knowledge investigations involving virtual machines. This is mainly from a dead-box exam point-of-view.
31 Jan 201721min

DFSP # 049 - Get your SRUM on!
This week I talk about SRUM, a windows artifact with some significant forensic value for both File Use & Knowledge investigations as well as Incident Response.
24 Jan 201717min

DFSP # 048 - Evidence Integrity On-Scene
This week I talk about considerations for digital evidence integrity when collection evidence on-scene from a live system.
17 Jan 201723min

DFSP # 047 - Epoch Time Survival
This week I talk about surviving mobile App timestamps.
10 Jan 201722min

DFSP # 046 - DFIR New Year
This week I share my thoughts on setting DFIR goals for the coming year. I go over seven points worth focusing on for professional development.
3 Jan 201731min

DFSP # 045 - RUN DMA
This week I talk DMA (direct memory access) exploits as a technique to bypass passwords of a live system to conduct imaging - with legal authority of course.
27 Des 201616min

DFSP # 044 - Automated File Intelligence
This week I talk about a useful automated file intelligence resource for dead box exam as well as IR investigations.
20 Des 201624min

DFSP # 043 - Imaging a Mac: Survival Tips
This week I go over survival tips for imaging a Mac.
13 Des 201620min


















