The Forensic Lunch!
The 1 hour, usually, videocast/podcast that brings you the latest in new DFIR research, topics and people.
This week's guests:
Hal Pomeranz, @hal_pomeranz, of Deer Run Associates, talking about updates to his Linux Memory Grabber and some research into bash_history behavior.
You can get the Linux Memory Grabber he discussed here: https://github.com/halpomeranz/lmg
Hal can be reached at email@example.com
Eric Zimmerman, @EricRZimmerman, of Kroll's cyber security practice, talking about prefetch and explaining his tool to get more out of it, as well as what's new in Windows 10 prefetch.
You can get Eric's prefetch parser here: https://github.com/EricZimmerman/Prefetch
Matthew and I showing how to use the HFS+ Journal parser and what to do with it.
You can get the HFS+ Journal parser here: https://www.gettriforce.com/product/hfs-journal-parser/
The first new lunch of the new year with
Sarah Holmes of the Foreman project (Open Source DFIR Matter Management). You can get a copy of (and contribute to!) Foreman here:
You can contact Sarah here: firstname.lastname@example.org
Michael Robinson of the Black T-Shirt Cyber Forensics Challenge, talking about, well, the Black T-Shirt Cyber Forensics Challenge.
You can join the Black T-Shirt Cyber Forensics Challenge here:
You can contact them at email@example.com
Our FSEvents tool will be released just as soon as we write documentation for it. Want an early release for testing? Email me at firstname.lastname@example.org