It's the Forensic Lunch!
The twice a month live videocast/podcast all about DFIR
This episode's guests:
Phil Hagen
Eric Zimmerman
Links:
- Twitter: @SOF_ELK
- Config/code repo: http://for572.com/sof-elk-git
- VM readme (w/ instructions and download link):
It's the Forensic Lunch!
The twice-monthly videocast/podcast just about #DFIR. Join us as we talk about what's new and what new things you can do!
In this broadcast we are taking the time to update you on our own tools.
We talked about:
- Pancake Viewer, an open source tool to visually explore forensic images and shadow copies (like an open source FTK Imager), https://github.com/forensicmatt/PancakeViewer
- Event Monkey, an open source, multithreaded event log parser that outputs to SQLite and Elasticsearch, https://github.com/devgc/EventMonkey
- Event Monkey Monitor, a tool we are working on releasing that lets you monitor event logs in real time
- pytskUSBDeviceForensics, a version of WoanWare's USB Device Forensics program that allows you to feed in images, https://github.com/woanware/usbdeviceforensics/blob/master/pyTskusbdeviceforensics.py
This episode is live from Enfuse with:
Jake Williams and Heather Mahalik
Paul Shomo of Guidance Software
Ashley Hernandez of Guidance Software
Jeff Hedlesky of Guidance Software
Forensic Lunch live from Enfuse with Rob Batzloff talking about EnCase 8, and James Wiebe talking about new advancements at CRU