This Is A Custom Widget

This Sliding Bar can be switched on or off in theme options, and can take any widget you throw at it or even fill it with your custom HTML Code. Its perfect for grabbing the attention of your viewers. Choose between 1, 2, 3 or 4 columns, set the background color, widget divider color, activate transparency, a top border or fully disable it on desktop and mobile.

This Is A Custom Widget

This Sliding Bar can be switched on or off in theme options, and can take any widget you throw at it or even fill it with your custom HTML Code. Its perfect for grabbing the attention of your viewers. Choose between 1, 2, 3 or 4 columns, set the background color, widget divider color, activate transparency, a top border or fully disable it on desktop and mobile.

Podcast

/Podcast
­

DFSP # 067 – IR A-Z

By |May 30th, 2017|Podcast, SDF Series|

Incident Response A-Z Looking for the ultimate DFIR checklist? This week I check out a freely available guidebook that, as the name implies, is aimed at addressing all things DFIR related A-Z. Show Notes Check out IR A-Z by Mary Ellen Kennel at IR A-Z [...]

DFSP # 066 – Skype Forensics

By |May 23rd, 2017|Podcast, SDF Series|

Skype Forensic Artifacts This week I talk about the Skype artifacts forensic examiners need to be aware of. Show Notes Find more information with: Magnet Forensics:  https://www.magnetforensics.com/wp-content/uploads/2014/04/Skype-Forensics-Analyzing-Call-and-Chat-Data-From-Computers-and-Mobile-Magnet-Forensics.pdf  Carpe Indicium (Lync\ Skype for Business*):  http://carpeindicium.com/blog/forensic-artifacts-microsoft-lync   * Artifacts may be the same, must be verified - just FYI [...]

DFSP # 065 – Is CSA+ Certification right for you?

By |May 16th, 2017|Podcast, SDF Series|

CompTIA CSA+ Certification This week I take a look at CompTia's CSA+ certification and how it fits into a DFIR career. Show Notes CompTIA's CSA+ https://certification.comptia.org/certifications/cybersecurity-analyst   SDF Training Class of the Week DFSP Sponsors make the Podcast possible. Show them your love and support! [...]

DFSP # 064 – Chrome Forensics

By |May 9th, 2017|Podcast, SDF Series|

This week it's back to browsers with Chrome Forensics. Show Notes Chrome Forensic Tools Chrome Cache View: http://www.nirsoft.net/utils/chrome_cache_view.html DB Browser for SQLite: http://sqlitebrowser.org/ Chrome History Viewer: http://www.nirsoft.net/utils/chrome_history_view.html Image Cache Viewer: http://www.nirsoft.net/utils/image_cache_viewer.html ChromePass: http://www.nirsoft.net/utils/chromepass.html Chrome Cookies Viewer: http://www.nirsoft.net/utils/chrome_cookies_view.html SDF Training Class of the Week [...]

DFSP # 063 – Triage with Bulk Extractor

By |May 2nd, 2017|Podcast, SDF Series|

Bulk Extractor Forensics This week is tool review week featuring Bulk Extractor. This is a great triage tool, lab tool and all around tool to help generate leads for your case. Show Notes Get Bulk Extractor at: https://github.com/simsong/bulk_extractor Bulk Extractor Manual by Jessica Bradley SDF Training [...]

DFSP # 062 – Building a Forensic VM with VirtualBox

By |April 25th, 2017|Podcast, SDF Series|

Building a Forensic VM with VirtualBox This week I take you through some of the "pain points" of using VirtualBox as a forensic machine virtualization platform. VirtualBox is freely available and is a great tool to scale your lab and field systems at a low cost. VirtualBox does not have the [...]

DFSP # 061 – Firefox Forensics

By |April 18th, 2017|Podcast, SDF Series|

Firefox Forensics This week I talk Firefox forensics and identify the artifacts examiners need to know about. Show Notes Below are the artifacts I talk about in the Podcast along with their respective file paths and freely available tools you can use to parse the data. Firefox Bookmarks, [...]

DFSP # 060 – Browsing on the Edge

By |April 11th, 2017|Podcast, SDF Series|

Microsoft Edge Browser Evidence This week I’m talking about the Windows browser some are still surprised to learn about, MS Edge. Windows 10 comes with two browsers and in this week’s podcast I’m going to go over one of them, MS Edge, and what computer forensic examiners need to know about [...]

DFSP # 059 – Thumbcache Forensics

By |April 4th, 2017|Podcast, SDF Series|

Windows Thumbcache Forensics This week I talk about surviving Windows Thumbcache forensics. A great source of evidence for File Use & Knowledge investigations. Show Notes The Windows Thumbcache, and it's legacy the Thumbs.db file, are a great source of graphical evidence for File Use & Knowledge investigations. Thumbcache images [...]

DFSP # 058 – Linux FU&K Artifacts

By |March 28th, 2017|Podcast, SDF Series|

Linux File Use & Knowledge Artifacts This week I talk Linux forensics and breakdown some useful artifacts that may generate leads for investigations. Show Notes Linux forensics is often IR driven, but sometimes one comes up in a File Use & Knowledge investigation. It is a given that an examiner will [...]