The Forensic Lunch with David Cowen and Matthew Seyer

The Forensic Lunch! The twice a month podcast devoted to Digital Forensics and Incident Response!
Aug 25, 2015

Forensic Lunch 11/15/13
This week we have Kristinn Gudjonsson and Ryan Benson with us!

Download Kristinn’s Plaso slides from OSDF here: http://blog.kiddaland.net/2013/11/osd…
See his blog post regarding the visualization module here: http://blog.kiddaland.net/2013/11/vis…
Find the plaso code here: https://code.google.com/p/plaso/

Find Ryan’s Chrome history of artifacts chart here: http://www.obsidianforensics.com/blog…
Find Ryan’s tool Hindsight here: http://code.google.com/p/hindsight-in…

Aug 25, 2015

This week we have Sheryl Falk from Winston & Strawn talking about the legal side of breaches, Jonathan Rajewski from Champlain College talking about the undergrad and graduate programs at Champlain, and Matthew and myself talking about big new changes in ANJP.

Sheryl is sfalk@winston.com
Jonathan is jtrajewski@champlain.edu

Aug 25, 2015

This week on the Forensic Lunch we have David Dym, Rebecca Henderson, Kevin Stokes, Lee Whitfield and myself.

Topics include setmace research and testing, automating metadata extraction with shell and COM, manual mobile forensics, lab certification and the intern process in DFIR.

Aug 25, 2015

IR Roundtable Part 3:

This week on the Forensic Lunch we finished the IR Roundtable with James Lohman and Kyle Maxwell.

Aug 25, 2015

Dave and Matthew talk about the updated GUI for ANJP, finding the actions programs leave behind in the file system to create signatures and more!

Aug 25, 2015

Forensic Lunch 10/11/13 IR Roundtable Part 2

Join us this week as we continue our IR Roundtable from last week with:
Darren Windham (NGO)
Joseph Shaw (Alvarez)
Kyle Maxwell (Verizon)
James Lohman (G-C)

Great topics on how to deal with and scope data exfiltration, and on dealing with lateral movement and attacker intelligence.

Aug 25, 2015

IR Roundtable Part 1

Forensic Lunch this week is an IR Roundtable with:
James Lohman (G-C Partners)
Kyle Maxwell (Verizon Business)
Darren Windham (NGO)

Talking about methodologies for approaching incidents, triaging malware and showing ROI to executives.

Aug 25, 2015

Guests this week:
Harlan Carvey
Zoltan Szabo
Jake Williams

Links for today:
Harlan's Blog: http://windowsir.blogspot.com/
Zoltan's Associates Degree: https://www1.dcccd.edu/catalog/progra...
Jake's FOR 610 Class: http://www.sans.org/vlive/details/for...

Aug 25, 2015

Links for this week:

For the VCDB, you can get an overview here:
http://public.tableausoftware.com/vie...
The VCDB GitHub is located here:
https://github.com/vz-risk/VCDB
And the currently open issues are here:
https://github.com/vz-risk/VCDB/issue...

You can visit Tzworks here:
https://www.tzworks.net/

And get the tools shown today here:
LNK Parser: https://www.tzworks.net/prototype_pag...
Jump list parser: https://www.tzworks.net/prototype_pag...
Shellbag parser: https://www.tzworks.net/prototype_pag...
GENA here: https://www.tzworks.net/prototype_pag...

Aug 25, 2015

Joachim Metz and Kyle Maxwell talk about maintaining a forensics encyclopedia that is accessible to everyone and more!

Aug 25, 2015

Eric Zimmerman discusses forensic imaging tools performance

Phil Hagen talks about his new SANS 572 course

Lee Whitfield asks about building a good forensics box

Aug 25, 2015

Kyle Maxwell talks about CryptoParty

James discusses Outlook Message Conversation Index

Dave and Matt show their Plist Parser

Aug 25, 2015

James talks about parsing MAPI information with a new script.

Kyle talks about research into public data breaches.

Joseph Shaw discusses the insider incidents.

Aug 25, 2015

Recap of the crimes against children conference and a tool update with Brian Lockery
Troubles trying to integrate TSK with Perl
The new book website!
The experience and value of a bachelor's in computer forensics and more!

Aug 25, 2015

David Nides discussing efforts with Plaso.

Joseph Shaw talks about file system forensics.

Kyle discusses the Black Hat defcon challenge.

Aug 25, 2015

Talking about HTML5 Offline cache forensics with Blazer Catzen
Life as an internal forensic investigator with Brandon Foley
Update on Shadowkit with David Dym
Plist carving, parsing and embedded plists within plists
Update on the NTFS Triforce
and more!

Link to shadowkit: http://redrocktx.blogspot.com/p/shado…
Link to fiddler: http://fiddler2.com/ (Windows SSL proxy)
Link to charles: http://www.charlesproxy.com/ (Mac SSL proxy)
Link to honeyproxy: http://honeyproxy.org/ (open source SSL proxy)

Aug 25, 2015

Dave Cowen and Matt Seyer talk about Triforce updates, take questions.

Jun 4, 2015

Episode 23 with David Cowen, Matthew Seyer, Christian Prickaerts, Carlos Cajigas and Kevin Stokes
