The Forensic Lunch Test Kitchen 12/4/17, live testing of forensic artifacts
The Forensic Lunch live with Mark Mckinnon, Brian Moran, Brian Carrier and Jessica Hyde
The Forensic Lunch live with Rebekah Brown
The Forensic Lunch with Chuck Norris, correlation in Arrango DB and shellbags testing
Forensic Lunch With Elizabeth Schweinsberg talking about DFRWS
The Forensic Lunch with Mary Ellen Kennel and Devon Ackerman talking about the AbourDFIR project
This week Jessica Hyde and Brian Moran joined us talking about their research into Amazon Alexa and Google Home.
Live From Enfuse Day 3!
This week with
Lesley Carhart, @hacks4pancakes talking about being the very first Women in Technology solving for X award presented by Guidance Software, hacks4kids and her dfir research interests
Dr. Bradley Shatz, @wirespeed4n6, talking about DFRWS evimetry, aff4 and his new advanced imager
Ashley Hernandez, @ashleyatencase, talking about all the new things coming from guidance regarding Encase Forensic, Endpoint investigator and mobile acquisition/examiner
Steve Whalen from Sumuri, Jake Williams from Rendition Infosec and Dmitry Sumin from Passware
Live with Amber Shroader of Paraben, Matt Bromiley from SANS, Matt Mcfadden Director of training from Opentext/Guidance
The Forensic Lunch!
This week we had:
Cindy Murphy, @CindyMurph
Matt Linton, @0xMatt
Ryan Pittman no @ to be had
talking about how music and forensics goes together and the impact of listening to music on solving technical issues.
Also Matt and I talked about Enfuse as well as stupid shell item tricks.
Paul Shomo comes on to talk about Guidance Software's new Forensic Artifact Research Program where you can get $5,000 USD just for research you are already doing! Find out more here: https://bugcrowd.com/guidancesoftware?preview=114da7695ff86ae70ec01aaf2c6878b0&utm_campaign=9617-Forensic_artifact-20170426&utm_medium=Email&utm_source=Eloqua
Phil Hagen introduced the new SANS Network Forensics poster to be released later this month
Matt Bromiley is talking about the Ken Johnson Scholarship setup by SANS and KPMG you can learn more and apply here https://digital-forensics.sans.org/blog/2017/03/03/ken-johnson-dfir-scholarship
Phil, Matt, Lee and I talked about the DFIR Summit
Lee Whitfield and I talked about the 4Cast Awards, Voting is open here: https://forensic4cast.com/forensic-4cast-awards/
This week have:
Ashley Hernandez from Guidance Software talking about Enfuse
Nicole Ibrahim from G-C Partners talking about event tracing logs in Windows
Lee Whitfield summing up the news of the week
This episode we catch up with Lee on the news and talk about current issues in DFIR.
This episode we talk vault 7 leaks with Lee Whitfield, what it means for DFIR and other news as well as DFIR database usage discussions and development updates with Matthew and I.
Michael Louis joins us to talk about how lawyers select and vet experts. Also talks about Toastmasters and how they teach good presentation skills and analogy creation through their program.
Matt Bromiley is here to announce BBQ Con!
Ryan Benson is here to talk about updates to Hindsight, what he's been up to and his other tool SQUID.
David Dym came on to talk about FAT32 removable storage and the things OSX does to it.
Lee Whitfield comes on to talk about the Forensic 4Cast awards which are now taking nominations.
Jonathan Poling came on to talk about his new blog and his work at Secureworks
Friend of the show Eric Zimmerman is back to talk about updates to his tools and research
Davida and I talk about whats new in our research, tools and packages
Michael Gough talking with us about his tool LOG-MD and his work.
We also go into SRUM again showing new data we can correlate within it.
This episodes is all about Hibernation files and Mark Spencer's company Arsenal Consulting research into it that led to the creation of a new tool called Hibernation Recon.
Live broadcast from OSDF Con 2016
Talking about DCITA, Autopsy and the academic program that Mark McKinnon is running at Davenport.
Sorry about the audio on this one, we had a bad upstream.
The forensic lunch!
The twice a month live videocast/podcast all about #DFIR
This episode we have:
Bradley Schatz of Shatz Forensics and Evimetry, @blschatz, talking about his amazing new toolset Evimetry. Watch this first segment to learn more about AFF4, imaging bottlenecks and how his toolset can allow faster imaging locally, remotely and in cloud while doing a bunch of other really cool stuff!
Learn more about his toolset here: http://evimetry.com/
Scott Wahlstrom of KPMG, @wahlstros, came on to talk about the deployable mobile forensic GoKits KPMG has been testing and using in the field. Cool stuff here if you ever wonder how you can bring an entire analysis lab to a data center for a week.
Lastly Matt and I talk about whats new in Windows 10 Forensics with the following artifacts covered:
Lnk Files
Recent Docs
Shell bags and
Jumplists
Watch a couple times to really understand the impact this will have on your investigations!
The Forensic Lunch!
The videocast/livecast/podcast all about #DFIR!
This week we have Eric Zimmerman talking about the work he did speed and scale testing Encase, FTK and X-ways.
Also Matthew and I talking about our newest tool BitRocker which will expose which recovery keys will unlock a bitlocker encrypted volume.
Get our newest tool BitRocker here: https://www.gettriforce.com/product/bitrocker-bitlocker-recovery-key-identifier/
Read Eric's testing here: https://binaryforay.blogspot.com/2016/09/let-benchmarks-hit-floor-autopsy-vs.html