This Is A Custom Widget

This Sliding Bar can be switched on or off in theme options, and can take any widget you throw at it or even fill it with your custom HTML Code. Its perfect for grabbing the attention of your viewers. Choose between 1, 2, 3 or 4 columns, set the background color, widget divider color, activate transparency, a top border or fully disable it on desktop and mobile.

This Is A Custom Widget

This Sliding Bar can be switched on or off in theme options, and can take any widget you throw at it or even fill it with your custom HTML Code. Its perfect for grabbing the attention of your viewers. Choose between 1, 2, 3 or 4 columns, set the background color, widget divider color, activate transparency, a top border or fully disable it on desktop and mobile.

Podcast

/Podcast
­

DFSP # 062 – Building a Forensic VM with VirtualBox

By |April 25th, 2017|Podcast, SDF Series|

Building a Forensic VM with VirtualBox This week I take you through some of the "pain points" of using VirtualBox as a forensic machine virtualization platform. VirtualBox is freely available and is a great tool to scale your lab and field systems at a low cost. VirtualBox does not have the [...]

DFSP # 061 – Firefox Forensics

By |April 18th, 2017|Podcast, SDF Series|

Firefox Forensics This week I talk Firefox forensics and identify the artifacts examiners need to know about. Show Notes Below are the artifacts I talk about in the Podcast along with their respective file paths and freely available tools you can use to parse the data. Firefox Bookmarks, [...]

DFSP # 060 – Browsing on the Edge

By |April 11th, 2017|Podcast, SDF Series|

Microsoft Edge Browser Evidence This week I’m talking about the Windows browser some are still surprised to learn about, MS Edge. Windows 10 comes with two browsers and in this week’s podcast I’m going to go over one of them, MS Edge, and what computer forensic examiners need to know about [...]

DFSP # 059 – Thumbcache Forensics

By |April 4th, 2017|Podcast, SDF Series|

Windows Thumbcache Forensics This week I talk about surviving Windows Thumbcache forensics. A great source of evidence for File Use & Knowledge investigations. Show Notes The Windows Thumbcache, and it's legacy the Thumbs.db file, are a great source of graphical evidence for File Use & Knowledge investigations. Thumbcache images [...]

DFSP # 058 – Linux FU&K Artifacts

By |March 28th, 2017|Podcast, SDF Series|

Linux File Use & Knowledge Artifacts This week I talk Linux forensics and breakdown some useful artifacts that may generate leads for investigations. Show Notes Linux forensics is often IR driven, but sometimes one comes up in a File Use & Knowledge investigation. It is a given that an examiner will [...]

DFSP # 057 – Webmail Collections

By |March 21st, 2017|Podcast, SDF Series|

Webmail collection techniques and considerations This week I talk about a methodology to collect webmail using freely available tools as well as the things you must consider before you do so. Show Notes The show breaks down some of the legal, CYA and evidence integrity considerations when using [...]

DFSP # 056 – Surviving Solid State Drives

By |March 14th, 2017|Podcast, SDF Series|

What the examiner needs to know about SSDs. This week I go over my survival tips for imaging solid state drives (SSDs). Show Notes Solid State Drives and Computer Forensics Here are some knowledge points and tips to help you survive a computer forensic exam involving a solid state [...]

DFSP # 055 – Automated Host Intelligence

By |March 7th, 2017|Podcast, SDF Series|

HostIntel This week I talk about threat intelligence tool Hostintel by Keith Jones. Show Notes In a previous episode I talked about JustMetadata, a host intelligence tool that streamlines gathering open source intelligence on domain names and ip addresses. A comparable tool for host based intelligence gathering is Hostintel [...]

DFSP # 054 – Surviving the Conference Season

By |February 28th, 2017|Podcast, SDF Series|

DFIR Conference Tips This week I share some thoughts on how to approach DFIR conferences to maximize the experience. There are many to choose from and having an analytical approach may get you exactly what you want for your time and money. Show Notes A listener recently asked me [...]

DFSP # 053 – Top FU&K Plugins

By |February 21st, 2017|Podcast, SDF Series|

Volatility Plugins for File Use & Knowledge (FU&K) investigations. This week I talk about my favorite Volatility plugins for File Use & Knowledge investigations to get at the volatile evidence most often targeted during a dead box exam. Show Notes  Volatility Plugins for FU&K mftparser This plugin scans for [...]