This Is A Custom Widget

This Sliding Bar can be switched on or off in theme options, and can take any widget you throw at it or even fill it with your custom HTML Code. Its perfect for grabbing the attention of your viewers. Choose between 1, 2, 3 or 4 columns, set the background color, widget divider color, activate transparency, a top border or fully disable it on desktop and mobile.

This Is A Custom Widget

This Sliding Bar can be switched on or off in theme options, and can take any widget you throw at it or even fill it with your custom HTML Code. Its perfect for grabbing the attention of your viewers. Choose between 1, 2, 3 or 4 columns, set the background color, widget divider color, activate transparency, a top border or fully disable it on desktop and mobile.

Michael

/Michael
­

About Michael

Michael is a computer forensic analyst with over 13 years of investigative experience, the creator of the Surviving Digital Forensic training series and the host of the Digital Forensic Survival Podcast.

DFSP # 043 – Imaging a Mac: Survival Tips

By |December 13th, 2016|Mac Forensics, Podcast, SDF Series|

Tips for Imaging a Mac This week I go over survival tips for imaging a Mac. Show Notes Sources: Mac Fusion Drive  https://en.wikipedia.org/wiki/Fusion_Drive MAC C Port  http://www.macworld.com/article/2894423/thunderbolted-usb-c-is-our-new-connection-overlord-get-used-to-it.html     SDF Training Class of the Week

DFSP # 042 – Windows 10 Prefetch

By |December 6th, 2016|Podcast, SDF Series|

Windows 10 Prefetch Forensics This week I about the format change for Windows 10 Prefetch files as well as a freely available tool to decompress and present .pf file data. Show Notes  Details Windows 10 .pf files are compressed in MAM format (Xpress Huffman Algorithm), note the "MAM" signature. [...]

DFSP # 041 – Trash Talkin’

By |November 29th, 2016|Podcast, SDF Series|

.Trash Artifacts on Mac This week I'm talking .Trash. I cover the forensic basics of this Mac artifact that examiners need to know. Show Notes I have written two articles on .trash previously, here are the links: http://digitalforensicsurvivalpodcast.com/2016/02/14/plist-survival-is-trash-set-to-secure-erase/ http://digitalforensicsurvivalpodcast.com/2016/02/14/tale-of-two-trashes/ SDF Training Class of the [...]

Open Enrollment Announcement

By |November 27th, 2016|SDF Series|

Windows Prefetch Forensics Now Open! Cyber Monday is coming! Instead of spending money get some FREE Computer Forensic Training. Take advantage of this open enrollment opportunity and sign up for Windows Prefetch Forensics now. Open Enrollment valid through Monday, November 28, 2016 (EST) Coupon Code: dfsp-cyber-mon-2016 More Info [...]

DFSP # 040 – Mac Log Files

By |November 22nd, 2016|Mac Forensics, Podcast|

Mac Log Files This week I talk about Mac Log files that are useful for File Use & Knowledge investigations as well as Incident Response. Show Notes  Further Information See Sarah Edwards' research on Mac log files at: https://digital-forensics.sans.org/summit-archives/2012/analysis-and-correlation-of-macintosh-logs.pdf   Advanced Console Searching SDF [...]

DFSP # 039 – Apache Weblogs & SDF Announcement

By |November 15th, 2016|Podcast, SDF Series|

Apache Weblogs & SDF Announcement This week I talk about Apache weblogs and a great resource for foundational knowledge at aid newer examiners with forensic analysis. In addition, big news for the SDF series! Show Notes  Apache Weblog Video Resource by Manoj Jasawat for a breakdown of what they [...]

DFSP # 038 – Finder Sidebar Forensics

By |November 8th, 2016|Mac Forensics, Podcast|

The FINDER SIDEBAR This week it's back to Mac forensics with a look at the the Finder Sidebar and it's value for File Use & Knowledge investigations. Show Notes  What is the FINDER Sidebar? Finder windows have a sidebar with items users frequently access such as folders, disks, and [...]

DFSP # 037 – The DFIRONOMICON

By |November 1st, 2016|Podcast|

Dfironomicon - Original Translation This week I pull back the focus for newer examiners and share some thoughts on creating a system that works for you to organize, and keep readily accessible, all the knowledge you accumulate..... and a few words about Shimcache on Windows 10. Show Notes iBook Author [...]

DFSP # 036 – iCloud Forensic Evidence

By |October 25th, 2016|Mac Forensics, Podcast|

iCloud Forensics This week I breakdown iCloud forensic artifacts. Show Notes Forensic Value Identifying iCloud Accounts: Another source as evidence for email, messages & remote storage of files Preservation orders Identify Mobile documents Other versions of documents in iCloud and\or other devices Identify preview files of Mobile [...]

DFSP # 035 – “Recent” File Listings on a Mac

By |October 18th, 2016|Mac Forensics, Podcast|

"Recent" PLISTS This week I talk about where to find different listing of different recently accessed files on a Mac as well as how to break out the data for interpretation. Show Notes Below are a few useful PLISTS that record "recently" accessed files on a Mac. Here is my usual [...]