The Forensic Lunch with David Cowen and Matthew Seyer

The Forensic Lunch! The twice a month podcast devoted to Digital Forensics and Incident Response!
Now displaying: January, 2016
Jan 22, 2016

The Forensic Lunch!

The 1 hour, usually, videocast/podcast that brings you the latest in new DFIR research, topics and people.

This week's guests:
Hal Pomeranz, @hal_pomeranz, of Deer Run Associates, talking about updates to his Linux Memory Grabber and some research into bash_history behavior.

You can get the Linux Memory Grabber he discussed here: https://github.com/halpomeranz/lmg

Hal can be reached at hal@deer-run.com

Eric Zimmerman, @EricRZimmerman, of Kroll's cyber security practice, talking about prefetch and explaining his tool to get more, as well as what's new in Windows 10 prefetch.

You can get Eric's prefetch parser here: https://github.com/EricZimmerman/Prefetch

http://www.kroll.com/en-us/who-we-are/kroll-experts/eric-zimmerman

Matthew and I showing how to use the HFS+ journal parser and what to do with it.

You can get the HFS+ Journal parser here: https://www.gettriforce.com/product/hfs-journal-parser/

Jan 8, 2016

The first new lunch of the new year with

Sarah Holmes of the Foreman project (Open Source DFIR Matter Management). You can get a copy of (and contribute to!) Foreman here:
https://bitbucket.org/lowmanio/foreman/

You can contact Sarah here: sarah@lowmanio.co.uk

Michael Robinson of the Black T-Shirt Cyber Forensics Challenge, talking about, well, the Black T-Shirt Cyber Forensics Challenge.
You can join the Black T-Shirt Cyber Forensics Challenge here:
http://cyberforensicschallenge.com/

You can contact them at cyberforensicschallenge@gmail.com

Our FSEvents tool will be released just as soon as we write documentation for it. Want an early release for testing? Email me at dcowen@g-cpartners.com
