Info

The Forensic Lunch with David Cowen and Matthew Seyer

The Forensic Lunch! The twice a month podcast devoted to Digital Forensics and Incident Response!
RSS Feed Subscribe in iTunes
The Forensic Lunch with David Cowen and Matthew Seyer
2017
May
April
February


2016
September
August
July
April
March
February
January


2015
November
October
September
August
June


Categories

All Episodes
Archives
Categories
Now displaying: September, 2016
Sep 23, 2016

The forensic lunch!

The twice a month live videocast/podcast all about #DFIR

This episode we have:

Bradley Schatz of Shatz Forensics and Evimetry, @blschatz, talking about his amazing new toolset Evimetry. Watch this first segment to learn more about AFF4, imaging bottlenecks and how his toolset can allow faster imaging locally, remotely and in cloud while doing a bunch of other really cool stuff!

Learn more about his toolset here: http://evimetry.com/

Scott Wahlstrom of KPMG, @wahlstros, came on to talk about the deployable mobile forensic GoKits KPMG has been testing and using in the field. Cool stuff here if you ever wonder how you can bring an entire analysis lab to a data center for a week.

Lastly Matt and I talk about whats new in Windows 10 Forensics with the following artifacts covered:
Lnk Files
Recent Docs
Shell bags and
Jumplists

Watch a couple times to really understand the impact this will have on your investigations!

Sep 2, 2016

The Forensic Lunch!

The videocast/livecast/podcast all about #DFIR!

This week we have Eric Zimmerman talking about the work he did speed and scale testing Encase, FTK and X-ways.

 

Also Matthew and I talking about our newest tool BitRocker which will expose which recovery keys will unlock a bitlocker encrypted volume.

Get our newest tool BitRocker here: https://www.gettriforce.com/product/bitrocker-bitlocker-recovery-key-identifier/

Read Eric's testing here: https://binaryforay.blogspot.com/2016/09/let-benchmarks-hit-floor-autopsy-vs.html

Sep 2, 2016

The Forensic Lunch!

The twice a month live videocast/podcast all about #DFIR!

This broadcast is all about running an isolated virtual network on Intels newest NUC, the Skull Canyon. Watch the video to see us demonstrate running 5 vms in an isolated virtual network on a small, fast and low powered portable system.

You can get the Intel NUC Skull Canyon at amazon here: https://smile.amazon.com/Intel-NUC-Ki...

or at your local Microcenter or Fry's

This is the M.2 NVME SSD Drive I'm using to get 2GB/s reads and 1.5GB/s writes: https://smile.amazon.com/Samsung-950-...

This is the memory I used: https://smile.amazon.com/Crucial-16GB...

Here is the link to the free version of ESXI v6: https://my.vmware.com/en/web/vmware/e...

Expect a blog post where I go through the process

1