SDF Series


DFSP # 057 – Webmail Collections

By |March 21st, 2017|Podcast, SDF Series|

Webmail collection techniques and considerations. This week I talk about a methodology to collect webmail using freely available tools as well as the things you must consider before you do so. Show Notes: The show breaks down some of the legal, CYA and evidence integrity considerations when using [...]

DFSP # 056 – Surviving Solid State Drives

By |March 14th, 2017|Podcast, SDF Series|

What the examiner needs to know about SSDs. This week I go over my survival tips for imaging solid state drives (SSDs). Show Notes: Solid State Drives and Computer Forensics. Here are some knowledge points and tips to help you survive a computer forensic exam involving a solid state [...]

DFSP # 055 – Automated Host Intelligence

By |March 7th, 2017|Podcast, SDF Series|

HostIntel. This week I talk about the threat intelligence tool Hostintel by Keith Jones. Show Notes: In a previous episode I talked about JustMetadata, a host intelligence tool that streamlines gathering open source intelligence on domain names and IP addresses. A comparable tool for host based intelligence gathering is Hostintel [...]

DFSP # 054 – Surviving the Conference Season

By |February 28th, 2017|Podcast, SDF Series|

DFIR Conference Tips. This week I share some thoughts on how to approach DFIR conferences to maximize the experience. There are many to choose from and having an analytical approach may get you exactly what you want for your time and money. Show Notes: A listener recently asked me [...]

Open Enrollment Announcement – Shimcache Forensics

By |February 21st, 2017|SDF Series|

Shimcache Forensics Now Open! SDF - Open Enrollment Announcement: Windows Shimcache Forensics. SHIMCACHE FORENSICS TRAINING is now available. Simply register for the class using the code below. Open Enrollment valid through Thursday, February 23, 2017 (EST). Coupon Code: PRESIDENT. More Info: SUMURI is our Gracious Host, here is [...]

DFSP # 053 – Top FU&K Plugins

By |February 21st, 2017|Podcast, SDF Series|

Volatility Plugins for File Use & Knowledge (FU&K) investigations. This week I talk about my favorite Volatility plugins for File Use & Knowledge investigations to get at the volatile evidence most often targeted during a dead box exam. Show Notes: Volatility Plugins for FU&K. mftparser: This plugin scans for [...]

DFSP # 052 – Free Your Mind

By |February 14th, 2017|Podcast, SDF Series|

Visualization Software for Computer Forensics. This week I talk about FreeMind, a freely available visualization tool that can be used to enhance the computer forensic investigation process. Show Notes: FreeMind is a free mind mapping software that may be used to document and visualize computer forensic investigations, projects and [...]

DFSP # 051 – Analyzing PE Signatures

By |February 7th, 2017|Podcast, SDF Series|

Analyzing PE Signatures. This week I talk about an openly available library and tool repository all examiners should be aware of as well as a tool by Didier Stevens called "AnalyzePESig" which is perfect for bulk analysis of executables on Windows systems. Show Notes: I am always on the [...]

DFSP # 050 – Virtual Machine Forensics

By |January 31st, 2017|Podcast, SDF Series|

Virtual Machine Forensics. This week I talk about File Use & Knowledge investigations involving virtual machines. This is mainly from a dead-box exam point-of-view. Show Notes: VM Files - The Breakdown. VMDK - Virtual Hard drive. What you can mount (sometimes) with a forensic tool to triage or image. VMSS [...]

DFSP # 049 – Get your SRUM on!

By |January 24th, 2017|Podcast, SDF Series|

SRUDB.DAT Survival. This week I talk about SRUM, a Windows artifact with some significant forensic value for both File Use & Knowledge investigations as well as Incident Response. Show Notes: Forensic Breakdown. SRUDB.dat - Windows file that records all sorts of system information by way of the Windows System Resource [...]