Listen to a podcast, please open Podcast Republic app. Available on Google Play Store and Apple App Store.
Episode | Date |
---|---|
DFSP # 428 - It’s all about that XML
|
Apr 30, 2024 |
DFSP # 427 - MOF Balls
|
Apr 23, 2024 |
DFSP # 426 - SSH Forensics: Log Analysis
|
Apr 16, 2024 |
DFSP # 425 - SSH Forensics: Host-Based Artifacts
|
Apr 09, 2024 |
DFSP # 424 - SSH Forensics: Understanding Secure Shell
|
Apr 02, 2024 |
DFSP # 423 - Guiding Lights: Cyber Investigations Investigation Lifecycle
|
Mar 26, 2024 |
DFSP # 422 - EVTX Express: Cracking into Windows Logs Like a Pro
|
Mar 19, 2024 |
DFSP # 421 - Memory Lane: Fileless Linux Attacks Unraveled
|
Mar 12, 2024 |
DFSP # 420 - Failing, Stopping and Crashing
|
Mar 05, 2024 |
DFSP # 419 - What the Flux
|
Feb 27, 2024 |
DFSP # 418 - Core Insights: Navigating MFT in Forensics
|
Feb 20, 2024 |
DFSP # 417 - Unlocking Linux Secrets
|
Feb 13, 2024 |
DFSP # 416 - Persistence Mechanisms on Windows
|
Feb 06, 2024 |
DFSP # 415 - Dealing with Third-Party Incidents
|
Jan 30, 2024 |
DFSP # 414 - CRON Forensics
|
Jan 23, 2024 |
DFSP # 413 - Ransomware Initial Response
|
Jan 16, 2024 |
DFSP # 412 - Conhost Forensics
|
Jan 09, 2024 |
DFSP # 411 - NTLM Credential Validation
|
Jan 02, 2024 |
DFSP # 410 - Linux Temp Directories
|
Dec 26, 2023 |
DFSP # 409 - Regsvcs and Regasm Abuse
|
Dec 19, 2023 |
DFSP # 408 - Nesting
|
Dec 12, 2023 |
DFSP # 407 - More About Lateral Movement and Kerberos
|
Dec 05, 2023 |
DFSP # 406 - All the BIN Directories
|
Nov 28, 2023 |
DFSP # 405 - Werfault Attacks
|
Nov 21, 2023 |
DFSP # 404 - Certutil Attacks
|
Nov 14, 2023 |
DFSP # 403 - Lateral Movement Kerberos Auth Events
|
Nov 07, 2023 |
DFSP # 402 - Linux Root Directory Files for DFIR
|
Oct 31, 2023 |
DFSP # 401 - INF Fetch Execute
|
Oct 24, 2023 |
DFSP # 400 - CMSTP
|
Oct 17, 2023 |
DFSP # 399 - Lateral Movement Failed Logon Events
|
Oct 10, 2023 |
DFSP # 398 - OODA & JOHARI
|
Oct 03, 2023 |
DFSP # 397 - Linux Home Directory Files for DFIR
|
Sep 26, 2023 |
DFSP # 396 - URL Leak
|
Sep 19, 2023 |
DFSP # 395 - Lateral Movement and Admin Logons
|
Sep 12, 2023 |
DFSP # 394 - Functional Documentation
|
Sep 05, 2023 |
DFSP # 393 - Linux Subsystems for Windows
|
Aug 29, 2023 |
DFSP # 392 - Simulation Training
|
Aug 22, 2023 |
DFSP # 391 - Investigation Lifecycle
|
Aug 15, 2023 |
DFSP # 390 - SSH Triage
|
Aug 08, 2023 |
DFSP # 389 - $Usnrl
|
Aug 01, 2023 |
DFSP # 388 - Web 3.0 Talk with SUMURI
|
Jul 25, 2023 |
DFSP # 387 - Network Share Modifications
|
Jul 18, 2023 |
DFSP # 386- The Three Task Hosts
|
Jul 11, 2023 |
DFSP # 385 - Network Share Access
|
Jul 04, 2023 |
DFSP # 384 - Cloud Talk with SUMURI
|
Jun 27, 2023 |
DFSP # 383 - WMI Exploitation
|
Jun 20, 2023 |
DFSP # 382 - Protocol Buffers
|
Jun 13, 2023 |
DFSP # 381 - Spoliation
|
Jun 06, 2023 |
DFSP # 380 - Ransomware Talk with SUMURI
|
May 30, 2023 |
DFSP # 379 - New Process Creation
|
May 23, 2023 |
DFSP # 378 - SVCHOST Revisited
|
May 16, 2023 |
DFSP # 377 - Interview with Yugal Pathak
|
May 09, 2023 |
DFSP # 376 - Zero-Day and DFIR
|
May 02, 2023 |
DFSP # 375 - More AI with SUMURI
|
Apr 25, 2023 |
DFSP # 374 - SRUM
|
Apr 18, 2023 |
DFSP # 373 - Linux File Poisoning
|
Apr 11, 2023 |
DFSP # 372 - Windows Processes
|
Apr 04, 2023 |
DFSP # 371 - AI with SUMURI
|
Mar 28, 2023 |
DFSP # 370 - UserAssist
|
Mar 21, 2023 |
DFSP # 369 - Linux Malware
|
Mar 14, 2023 |
DFSP # 368 - SVCHOST
|
Mar 07, 2023 |
DFSP # 367 - Shimcache Amcache
|
Feb 28, 2023 |
DFSP # 366 - Linux File System
|
Feb 21, 2023 |
DFSP # 365 - CVSS Triage
|
Feb 14, 2023 |
DFSP # 364 - Network Triage
|
Feb 07, 2023 |
DFSP # 363 - RDP Forensics
|
Jan 31, 2023 |
DFSP # 362 - Windows Core Processes
|
Jan 24, 2023 |
DFSP # 361 - Powershell Breakdown
|
Jan 17, 2023 |
DFSP # 360 - Permitted Events
|
Jan 10, 2023 |
DFSP # 359 - Career Checkpoint
|
Jan 03, 2023 |
DFSP # 358 - Listening Ports
|
Dec 27, 2022 |
DFSP # 357 - EVTX Analysis
|
Dec 20, 2022 |
DFSP # 356 - CMD Triage
|
Dec 13, 2022 |
DFSP # 355 - Network Triage
|
Dec 06, 2022 |
DFSP # 354 - Fast Triage
|
Nov 29, 2022 |
DFSP # 353 - Webshells
|
Nov 22, 2022 |
DFSP # 352 - Startup Locations
|
Nov 15, 2022 |
DFSP # 351 - Prefetch
|
Nov 08, 2022 |
DFSP # 350 - Linux Fileless Attacks
|
Nov 01, 2022 |
DFSP # 349 - Registry Modification Events
|
Oct 25, 2022 |
DFSP # 348 - Root Cause
|
Oct 18, 2022 |
DFSP # 347 - Weblogs
|
Oct 11, 2022 |
DFSP # 346 - Masquerading
|
Oct 04, 2022 |
DFSP # 345 - AutoRuns
|
Sep 27, 2022 |
DFSP # 344 - Mac Spotlight DB
|
Sep 20, 2022 |
DFSP # 343 - Registry aka The Dungeon Maze
|
Sep 13, 2022 |
DFSP # 342 - FLUX It
|
Sep 06, 2022 |
DFSP # 341 - Those other taskers
|
Aug 30, 2022 |
DFSP # 340 - PSEXEC, ready or not
|
Aug 23, 2022 |
DFSP # 339 - That SUDO that you do
|
Aug 16, 2022 |
DFSP # 338 - Taskers
|
Aug 09, 2022 |
DFSP # 337 - ResponderCon
|
Aug 02, 2022 |
DFSP # 336 - BAM!
|
Jul 26, 2022 |
DFSP # 335 - CRON
|
Jul 19, 2022 |
DFSP # 334 - Service Changes
|
Jul 12, 2022 |
DFSP # 333 - Mac Autoruns
|
Jul 05, 2022 |
DFSP # 332 - Bash Histories
|
Jun 28, 2022 |
DFSP # 331 - New Services
|
Jun 21, 2022 |
DFSP # 330 - Certifications
|
Jun 14, 2022 |
DFSP # 329 - Shellbags
|
Jun 07, 2022 |
DFSP # 328 - Linux Executables
|
May 31, 2022 |
DFSP # 327 - Persistence Part 1
|
May 24, 2022 |
DFSP # 326 - MFT
|
May 17, 2022 |
DFSP # 325 - Malware Triage Part 2
|
May 10, 2022 |
DFSP # 324 - Malware Triage Part 1
|
May 03, 2022 |
DFSP # 323 - SRUM
|
Apr 26, 2022 |
DFSP # 322 - Live evidence integrity
|
Apr 19, 2022 |
DFSP # 321 - URL Leaks
|
Apr 12, 2022 |
DFSP # 320 - Lateral MM and Event Logs
|
Apr 05, 2022 |
DFSP # 319 - Shellbags
|
Mar 29, 2022 |
DFSP # 318 - Rust and Chainsaw
|
Mar 22, 2022 |
DFSP # 317 - UserAssist
|
Mar 15, 2022 |
DFSP # 316 - Cloud Traffic Security
|
Mar 08, 2022 |
DFSP # 315 - ARTHIR
|
Mar 01, 2022 |
DFSP # 314 - Future of Cyber Security
|
Feb 22, 2022 |
DFSP # 313 - Shimcache and Amcache
|
Feb 15, 2022 |
DFSP # 312 - Cloud Network Security Services
|
Feb 08, 2022 |
DFSP # 311 - Data Spoliation Fast Triage
|
Feb 01, 2022 |
DFSP # 310 - Cloud Network Segmentation
|
Jan 25, 2022 |
DFSP # 309 - Insider Threats
|
Jan 18, 2022 |
DFSP # 308 - Cloud Access Controls
|
Jan 11, 2022 |
DFSP # 307 - Career Strategy Checkup
|
Jan 04, 2022 |
DFSP # 306 - Lateral MM Fast Triage 5
|
Dec 28, 2021 |
DFSP # 305 - CSA Cloud Threats 8
|
Dec 21, 2021 |
DFSP # 304 - Detecting File Poisoning on Linux
|
Dec 14, 2021 |
DFSP # 303 - Mac Artifacts with SUMURI
|
Dec 07, 2021 |
DFSP # 302 - Lateral MM Fast Triage 4
|
Nov 30, 2021 |
DFSP # 301 - OSDFCON 2021
|
Nov 23, 2021 |
DFSP # 300 - Case Study Ocean Lotus
|
Nov 16, 2021 |
DFSP # 299 - Malicious Powershell with Blumira
|
Nov 09, 2021 |
DFSP # 298 - Mac Forensics with SUMURI
|
Nov 02, 2021 |
DFSP # 297 - Nested Groups
|
Oct 26, 2021 |
DFSP # 296 - Case Study Turla-Comrat
|
Oct 19, 2021 |
DFSP # 295 - Ransomware with Blumira
|
Oct 12, 2021 |
DFSP # 294 - CSA Cloud Threats 7
|
Oct 05, 2021 |
DFSP # 293 - Case Study: Ransomware
|
Sep 28, 2021 |
DFSP # 292 - Top Cloud Threats with Blumira
|
Sep 21, 2021 |
DFSP # 291 - Lateral MM Fast Triage 3
|
Sep 14, 2021 |
DFSP # 290 - Mac Training with SUMURI
|
Sep 07, 2021 |
DFSP # 289 - Framing Root Cause
|
Aug 31, 2021 |
DFSP # 288 - Max DFIR Impact
|
Aug 24, 2021 |
DFSP # 287 - CSA Cloud Threats 6
|
Aug 17, 2021 |
DFSP # 286 - Lateral MM Fast Triage 2 [5145]
|
Aug 10, 2021 |
DFSP # 285 - Linux Malware Triage
|
Aug 03, 2021 |
DFSP # 284 - Fast Triage case study: non-Windows core processes
|
Jul 27, 2021 |
DFSP # 283 - CSA Cloud Threats 5
|
Jul 20, 2021 |
DFSP # 282 - Lateral MM Fast Triage
|
Jul 13, 2021 |
DFSP # 281 - Fast Triage case study: persistence
|
Jul 06, 2021 |
DFSP # 280 - Malware Fast Triage
|
Jun 29, 2021 |
DFSP # 279 - CSA Cloud Threats 4
|
Jun 22, 2021 |
DFSP # 278 - Process Triage & CMD
|
Jun 15, 2021 |
DFSP # 277 - Learning from the Red Team II
|
Jun 08, 2021 |
DFSP # 276 - CVSS Fast Analysis
|
Jun 01, 2021 |
DFSP # 275 - dotNET
|
May 25, 2021 |
DFSP # 274 - Powershell Revisited
|
May 18, 2021 |
DFSP # 273 - CSA Cloud Threats 3
|
May 11, 2021 |
DFSP # 272 - 4688
|
May 04, 2021 |
DFSP # 271 - DREAD and STRIDE
|
Apr 27, 2021 |
DFSP # 270 - CAPEC
|
Apr 20, 2021 |
DFSP # 269 - Svchost Revisited
|
Apr 13, 2021 |
DFSP # 268 - CSA Cloud Threats 2
|
Apr 06, 2021 |
DFSP # 267 - Sunscreen
|
Mar 30, 2021 |
DFSP # 266 - Windows non-core processes
|
Mar 23, 2021 |
DFSP # 265 - CSA Cloud Threats 1
|
Mar 16, 2021 |
DFSP # 264 - Golden SAML
|
Mar 09, 2021 |
DFSP # 263 - Threat Hunt with Statistics
|
Mar 02, 2021 |
DFSP # 262 - Security Theatre
|
Feb 23, 2021 |
DFSP # 261 - Wincore Processes Revisited part 2
|
Feb 16, 2021 |
DFSP # 260 - Learn from the Red Team
|
Feb 09, 2021 |
DFSP # 259 - Wincore Processes Revisited part 1
|
Feb 02, 2021 |
DFSP # 258 - Network Triage Part 4
|
Jan 26, 2021 |
DFSP # 257 - Supply Chain Attacks
|
Jan 19, 2021 |
DFSP # 256 - Kernel Process Masquerading
|
Jan 12, 2021 |
DFSP # 255 - The Worship of Intelligence in Tech
|
Jan 05, 2021 |
DFSP # 254 - Network Triage Part 3
|
Dec 29, 2020 |
DFSP # 253 - Network Triage Part 2
|
Dec 22, 2020 |
DFSP # 252 - Werfault
|
Dec 15, 2020 |
DFSP # 251 - The Rise of Crypto SIM Swapping
|
Dec 08, 2020 |
DFSP # 250 - Network Triage Part 1
|
Dec 01, 2020 |
DFSP # 249 - Linux Fileless Attacks
|
Nov 24, 2020 |
DFSP # 248 - Searchsploit
|
Nov 17, 2020 |
DFSP # 247 - Startup Locations
|
Nov 10, 2020 |
DFSP # 246 - Investigation Lifecycle
|
Nov 03, 2020 |
DFSP # 245 - Fetch and Execute
|
Oct 27, 2020 |
DFSP # 244 - Registry Persistence Part 3
|
Oct 20, 2020 |
DFSP # 243 - Stomping the Clock
|
Oct 13, 2020 |
DFSP # 242 - Registry Persistence Part 2
|
Oct 06, 2020 |
DFSP # 241 - Forensic Hardware
|
Sep 29, 2020 |
DFSP # 240 - MDM
|
Sep 22, 2020 |
DFSP # 239 - Registry Persistence Part 1
|
Sep 15, 2020 |
DFSP # 238 - Bash Attacks
|
Sep 08, 2020 |
DFSP # 237 - Attack Shimming
|
Sep 01, 2020 |
DFSP # 236 - Apple FSEvents
|
Aug 25, 2020 |
DFSP # 235 - Scheduled Task Change
|
Aug 18, 2020 |
DFSP # 234 - Divide & Conquer with Brian Carrier
|
Aug 11, 2020 |
DFSP # 233 - New Scheduled Tasks
|
Aug 04, 2020 |
DFSP # 232 - Exam Process - Soup-to-Nuts
|
Jul 28, 2020 |
DFSP # 231 - Service Change Triage
|
Jul 21, 2020 |
DFSP # 230 - User Activity Artifacts
|
Jul 14, 2020 |
DFSP # 229 - Mobile Attacks Part 2
|
Jul 07, 2020 |
DFSP # 228 - Psychology of Reporting
|
Jun 30, 2020 |
DFSP # 227 - New Service Triage
|
Jun 23, 2020 |
DFSP # 226 - User Logons
|
Jun 16, 2020 |
DFSP # 225 - Mobile Device Attacks
|
Jun 09, 2020 |
DFSP # 224 - Conhost Forensics
|
Jun 02, 2020 |
DFSP # 223 - Apple Meta
|
May 26, 2020 |
DFSP # 222 - User Enumeration
|
May 19, 2020 |
DFSP # 221 - Mobile Device Security
|
May 12, 2020 |
DFSP # 220 - Mobile Forensics For New Investigators
|
May 05, 2020 |
DFSP # 219 - Forensic Grab Bag
|
Apr 28, 2020 |
DFSP # 218 - Plaso & Elk Timelines
|
Apr 21, 2020 |
DFSP # 217 - Static Malware Analysis
|
Apr 14, 2020 |
DFSP # 216 - DHASH
|
Apr 07, 2020 |
DFSP # 215 - CMSTP Forensics
|
Mar 31, 2020 |
DFSP # 214 - CyberChef
|
Mar 24, 2020 |
DFSP # 213 - Trusted Developer Utilities
|
Mar 17, 2020 |
DFSP # 212 - Learning Python
|
Mar 10, 2020 |
DFSP # 211 - Mac Forensics with Steve Whalen
|
Mar 03, 2020 |
DFSP # 210 - Pivot Tables for Forensics
|
Feb 25, 2020 |
DFSP # 209 - Mac Autoruns
|
Feb 18, 2020 |
DFSP # 208 - Persistence Fast Triage
|
Feb 11, 2020 |
DFSP # 207 - Forensic Grab Bag
|
Feb 04, 2020 |
DFSP # 206 - Certutil Abuse
|
Jan 28, 2020 |
DFSP # 205 - Layered Drivers
|
Jan 21, 2020 |
DFSP # 204 - SOF ELK
|
Jan 14, 2020 |
DFSP # 203 - Profile of a modern analyst
|
Jan 07, 2020 |
DFSP # 202 - Base64 Forensics
|
Dec 31, 2019 |
DFSP # 201 - Regsvcs Triage
|
Dec 24, 2019 |
DFSP # 200 - Audit Log Clearing
|
Dec 17, 2019 |
DFSP # 199 - Hashdeep
|
Dec 10, 2019 |
DFSP # 198 - Linux Malware Detect
|
Dec 03, 2019 |
DFSP # 197 - Approaching Network Forensics
|
Nov 26, 2019 |
DFSP # 196 - autoLLR
|
Nov 19, 2019 |
DFSP # 195 – BAM!
|
Nov 15, 2019 |
DFSP # 194 - Powershell Collection Tools
|
Nov 05, 2019 |
DFSP # 193 - LOKI
|
Oct 29, 2019 |
DFSP # 192 - KAPE
|
Oct 22, 2019 |
DFSP # 191 - Linux File Systems
|
Oct 15, 2019 |
DFSP # 190 - Dead Simple Boot Disks
|
Oct 09, 2019 |
DFSP # 188 - Container Attack Vectors
|
Oct 01, 2019 |
DFSP # 187 - SUDOERS File and Forensics
|
Oct 01, 2019 |
DFSP # 186 - Powershell Forensics
|
Oct 01, 2019 |
DFSP # 189 - NVMe
|
Oct 01, 2019 |
DFSP # 185 - Understanding Linux Executables
|
Sep 30, 2019 |
DFSP # 184 - Cloud Incident Response
|
Aug 27, 2019 |
DFSP # 183 - WMI Forensics
|
Aug 20, 2019 |
DFSP # 182 - Density Scout
|
Aug 13, 2019 |
DFSP # 181 - Remote Execution One-Liners
|
Aug 06, 2019 |
DFSP # 180 - Credential Guard
|
Jul 30, 2019 |
DFSP # 179 - OWASP: Insufficient logging and monitoring
|
Jul 23, 2019 |
DFSP # 178 - Attacker Recon Commands
|
Jul 16, 2019 |
DFSP # 177 - PSEXEC Forensics
|
Jul 09, 2019 |
DFSP # 176 - Cloud Incident Response
|
Jul 02, 2019 |
DFSP # 175 - OWASP: Components with Known Vulnerabilities
|
Jun 25, 2019 |
DFSP # 174 - The VMEM Experience
|
Jun 18, 2019 |
DFSP # 173 - Cloud Incident Response
|
Jun 11, 2019 |
DFSP # 172 - High Optane
|
Jun 04, 2019 |
DFSP # 171 - OWASP: Breakfast Cereal
|
May 28, 2019 |
DFSP # 170 - The Crypto-Landscape
|
May 21, 2019 |
DFSP # 169 - Will The Future Kill DFIR?
|
May 14, 2019 |
DFSP # 168 - Is CEH Still Relevant?
|
May 07, 2019 |
DFSP # 167 - OWASP: XSS
|
Apr 30, 2019 |
DFSP # 166 - SVCHOST Abuse
|
Apr 23, 2019 |
DFSP # 165 - Windows Core Processes
|
Apr 16, 2019 |
DFSP # 164 - Mobile Device Compromise Assessment
|
Apr 09, 2019 |
DFSP # 163 - DFIR Job Interviews
|
Apr 02, 2019 |
DFSP # 162 - OWASP: Security Misconfigurations
|
Mar 26, 2019 |
DFSP # 161 - Social Engineering Toolkit
|
Mar 19, 2019 |
DFSP # 160 - Serpico
|
Mar 12, 2019 |
DFSP # 159 - Linux Triage
|
Mar 05, 2019 |
DFSP # 158 - OWASP: Broken Access Control
|
Feb 26, 2019 |
DFSP # 157 - File Comparison Strategies
|
Feb 19, 2019 |
DFSP # 156 - B2B: Career Maintenance
|
Feb 12, 2019 |
DFSP # 155 - YARA Almighty
|
Feb 05, 2019 |
DFSP # 154 - OWASP: XXE
|
Jan 29, 2019 |
DFSP # 153 - Google Dorks
|
Jan 22, 2019 |
DFSP # 152 - CEWL
|
Jan 15, 2019 |
DFSP # 151 - Autoweb Project
|
Jan 08, 2019 |
DFSP # 150 - AppLocker Bypass
|
Jan 03, 2019 |
DFSP # 149 - OWASP: Sensitive Data Exposure
|
Dec 27, 2018 |
DFSP # 148 - Threat Hunting Tips
|
Dec 18, 2018 |
DFSP # 147 - Webshell Breakdown
|
Dec 11, 2018 |
DFSP # 146 - Mimikatz Detection
|
Dec 04, 2018 |
DFSP # 145 - PDF Forensics
|
Nov 27, 2018 |
DFSP # 144 - OWASP: Broken Authentication
|
Nov 20, 2018 |
DFSP # 143 - Tips from the Trenches
|
Nov 13, 2018 |
DFSP # 142 - CRON 101
|
Nov 06, 2018 |
DFSP # 141 - Logon Triage
|
Oct 30, 2018 |
DFSP # 140 - PCAP Hunting
|
Oct 23, 2018 |
DFSP # 139 - Linux Crypto-Mining Malware Tactics
|
Oct 16, 2018 |
DFSP # 138 - OWASP Top 10
|
Oct 09, 2018 |
DFSP # 137 - Fast Flux
|
Oct 02, 2018 |
DFSP # 136 - Scheduled Task Triage Part 2
|
Sep 25, 2018 |
DFSP # 135 - Scheduled Task Triage Part 1
|
Sep 18, 2018 |
DFSP # 134 -OfficeMalScanner
|
Sep 11, 2018 |
DFSP # 133 - Know Thy Logs
|
Sep 04, 2018 |
DFSP # 132 - Root Cause
|
Aug 28, 2018 |
DFSP # 131 - PIDS
|
Aug 21, 2018 |
DFSP # 130 - Network Scoping
|
Aug 14, 2018 |
DFSP # 129 - Excel Fu for Frequency Analysis
|
Aug 07, 2018 |
DFSP # 128 - GREP vs SED vs AWK
|
Jul 31, 2018 |
DFSP # 127 - DNS & Forensics
|
Jul 24, 2018 |
DFSP # 126 - Star Grepping
|
Jul 17, 2018 |
DFSP # 125 - Distributed Hash Cracking
|
Jul 10, 2018 |
DFSP # 124 - iOS USB Restricted Mode
|
Jul 03, 2018 |
DFSP # 123 - IP Triage
|
Jun 26, 2018 |
DFSP # 122 - ATT&CK Matrix
|
Jun 19, 2018 |
DFSP # 121 - Adventures in Scripting
|
Jun 12, 2018 |
DFSP # 120 - Rita
|
Jun 05, 2018 |
DFSP # 119 - MFT2CSV
|
May 29, 2018 |
DFSP # 118 - .bash_history forensics
|
May 22, 2018 |
DFSP # 117 - USNJRNL Tool Review
|
May 15, 2018 |
DFSP # 116 - Automatic Detection of Malware from Memory Analysis
|
May 08, 2018 |
DFSP # 115 - Prefetch Tools
|
May 01, 2018 |
DFSP # 114 - Go Norse!
|
Apr 24, 2018 |
DFSP # 113 - Dead Simple Timelines
|
Apr 17, 2018 |
DFSP # 112 - Port Forensics?
|
Apr 10, 2018 |
DFSP # 111 - Network Triage
|
Apr 03, 2018 |
DFSP # 110 - Web Browser Forensics with Foxton
|
Mar 27, 2018 |
DFSP # 109 - OLEDump
|
Mar 20, 2018 |
DFSP # 108 - Under the Radare
|
Mar 13, 2018 |
DFSP # 106 - Cryptocurrency 1-2-3
|
Feb 27, 2018 |
DFSP # 105 - from Zero to JTAG
|
Feb 20, 2018 |
DFSP # 104 - UserAssist Forensics
|
Feb 13, 2018 |
DFSP # 103 - B2B USB Forensics
|
Feb 06, 2018 |
DFSP # 102 - B2B Windows Explorer
|
Jan 30, 2018 |
DFSP # 101 - B2B Shellbags
|
Jan 23, 2018 |
DFSP # 100 - B2B Shimcache
|
Jan 16, 2018 |
DFSP # 099 - B2B with Prefetch
|
Jan 09, 2018 |
DFSP # 098 - Back to basics 2018
|
Jan 02, 2018 |
DFSP # 097 - The Main Event
|
Dec 26, 2017 |
DFSP # 096 - OS X Unified Logging
|
Dec 19, 2017 |
DFSP # 095 - freE-DISCOVERY?
|
Dec 12, 2017 |
DFSP # 094 - 31 Flavors of Malware Analyst
|
Dec 05, 2017 |
DFSP # 093 - Chocolate Peanut Butter Moment
|
Nov 28, 2017 |
DFSP # 092 - New Apple File System
|
Nov 21, 2017 |
DFSP # 091 - Red Team Field Manual
|
Nov 14, 2017 |
DFSP # 090 - Microsoft Evaluation Center
|
Nov 07, 2017 |
DFSP # 089 - So you want to DFIR?
|
Oct 31, 2017 |
DFSP # 088 - Perfect Execution
|
Oct 24, 2017 |
DFSP # 087 - DFIR Degrees
|
Oct 17, 2017 |
DFSP # 086 - BambiRaptor
|
Oct 10, 2017 |
DFSP # 085 - Leggo my Stego
|
Oct 03, 2017 |
DFSP # 084 - Blue Team Field Manual
|
Sep 26, 2017 |
DFSP # 083 - cree.py
|
Sep 19, 2017 |
DFSP # 082 - iPhone Forensics on the Cheap
|
Sep 12, 2017 |
DFSP # 081 - OS X Collector
|
Sep 05, 2017 |
DFSP # 080 - DFIR Operational Assessment
|
Aug 29, 2017 |
DFSP # 079 - Thoughts on DASH Forensics
|
Aug 22, 2017 |
DFSP # 078 - Bitcoin Forensics
|
Aug 15, 2017 |
DFSP # 077 - Crypto Currency 101
|
Aug 08, 2017 |
DFSP # 076 - Strings!
|
Aug 01, 2017 |
DFSP # 075 - Capturing Websites as Evidence
|
Jul 25, 2017 |
DFSP # 074 - Detecting Lateral Movement
|
Jul 18, 2017 |
DFSP # 073 - Jump Lists
|
Jul 11, 2017 |
DFSP # 072 - Free Training & Free Beer
|
Jul 04, 2017 |
DFSP # 071 - Automated Malware Triage
|
Jun 27, 2017 |
DFSP # 070 - Notepad++
|
Jun 20, 2017 |
DFSP # 069 - Automated Memory Triage
|
Jun 13, 2017 |
DFSP # 068 - Is Scanning On-Scene Legit?
|
Jun 06, 2017 |
DFSP # 067 - IR A-Z
|
May 30, 2017 |
DFSP # 066 - Skype Forensics
|
May 23, 2017 |
DFSP # 065 - Is CSA+ Certification right for you?
|
May 16, 2017 |
DFSP # 064 - Chrome Forensics
|
May 09, 2017 |
DFSP # 063 - Bulk Extractor
|
May 02, 2017 |
DFSP # 062 - Building a Forensic VM with VirtualBox
|
Apr 25, 2017 |
DFSP # 061 - Firefox Forensics
|
Apr 18, 2017 |
DFSP # 060 - Browsing on the Edge
|
Apr 11, 2017 |
DFSP # 059 - Thumbcache Forensics
|
Apr 04, 2017 |
DFSP # 058 - Linux FU&K Artifacts
|
Mar 28, 2017 |
DFSP # 057 - Webmail Collections
|
Mar 21, 2017 |
DFSP # 056 - Surviving Solid State Drives
|
Mar 14, 2017 |
DFSP # 055 - Automated Host Intelligence
|
Mar 07, 2017 |
DFSP # 054 - Surviving the Conference Season
|
Feb 28, 2017 |
DFSP # 053 - Top FU&K Plugins
|
Feb 21, 2017 |
DFSP # 052 - Free Your Mind
|
Feb 14, 2017 |
DFSP # 051 - Analyzing PE Signatures
|
Feb 07, 2017 |
DFSP # 050 - Virtual Machine Forensics
|
Jan 31, 2017 |
DFSP # 049 - Get your SRUM on!
|
Jan 24, 2017 |
DFSP # 048 - Evidence Integrity On-Scene
|
Jan 17, 2017 |
DFSP # 047 - Epoch Time Survival
|
Jan 10, 2017 |
DFSP # 046 - DFIR New Year
|
Jan 03, 2017 |
DFSP # 045 - RUN DMA
|
Dec 27, 2016 |
DFSP # 044 - Automated File Intelligence
|
Dec 20, 2016 |
DFSP # 043 - Imaging a Mac: Survival Tips
|
Dec 13, 2016 |
DFSP # 042 - Windows 10 Prefetch
|
Dec 06, 2016 |
DFSP # 041 - Trash Talkin'
|
Nov 29, 2016 |
DFSP # 040 - Mac Log Files
|
Nov 22, 2016 |
DFSP # 039 - Apache Weblogs & SDF Announcement
|
Nov 15, 2016 |
DFSP # 038 - Finder Sidebar Forensics
|
Nov 08, 2016 |
DFSP # 037 - The DFIRONOMICON
|
Nov 01, 2016 |
DFSP # 036 - iCloud Forensic Evidence
|
Oct 25, 2016 |
DFSP # 035 - "Recent" File Listings on a Mac
|
Oct 18, 2016 |
DFSP # 034 - Forensic tools for your Mac
|
Oct 11, 2016 |
DFSP # 033 - PLISTS for Mac Triage
|
Oct 04, 2016 |
DFSP # 032 - Mac Formats, Libraries & Keychains
|
Sep 27, 2016 |
DFSP # 031 - Mac User Home Folder
|
Sep 20, 2016 |
DFSP # 030 - OS X Spotlight
|
Sep 13, 2016 |
DFSP # 029 - Mac Cooties?!
|
Sep 06, 2016 |
DFSP # 028 - Microcast
|
Aug 30, 2016 |
DFSP # 027 – Mac as a forensic platform
|
Aug 23, 2016 |
DFSP # 026 - File Juicer
|
Aug 16, 2016 |
DFSP # 025 - RAM Extraction Tools - Part 2
|
Aug 09, 2016 |
DFSP # 024 - RAM Extraction Tools - Part 1
|
Aug 02, 2016 |
DFSP # 023 - Battle Royale: FTK vs EnCase vs WinHEX
|
Jul 25, 2016 |
DFSP # 022 - DFIR Certification Planning & Considerations
|
Jul 19, 2016 |
DFSP # 021 - The Honeynet Project
|
Jul 12, 2016 |
DFSP # 020 - Amcache Forensics - Find Evidence of App Execution
|
Jul 05, 2016 |
DFSP # 019 - Password Cracking with Hashcat
|
Jun 28, 2016 |
DFSP # 018 - John the Ripper
|
Jun 20, 2016 |
DFSP # 017 - Cracking Passwords with Cain
|
Jun 13, 2016 |
DFSP # 0016 - Password Psychology
|
Jun 06, 2016 |
DFSP # 015 - $UsnJrnl File
|
May 31, 2016 |
DFSP # 014 - Shimcache
|
May 23, 2016 |
DFSP # 013 - Windows 10 Artifacts
|
May 16, 2016 |
DFSP # 012 - Just-Metadata
|
May 09, 2016 |
DFSP # 011 - PALADIN
|
May 02, 2016 |
DFSP # 010 - Investigation Survival Tips
|
Apr 25, 2016 |
DFSP #009 - Linux for Computer Forensics
|
Apr 18, 2016 |
DFSP # 008 - Virtual Machines & Computer Forensics
|
Apr 11, 2016 |
DFSP #007 - File Use & Knowledge Wrap Up
|
Apr 04, 2016 |
DFSP #006 - Resolving Attached USBs
|
Mar 28, 2016 |
DFSP #003 - What the Shellbag!
|
Mar 21, 2016 |
DFSP #004 - Windows Prefetch
|
Mar 14, 2016 |
DFSP #003 - Windows Explorer Evidence
|
Feb 17, 2016 |
DFSP #002 - Windows Link Files
|
Feb 15, 2016 |
DFSP #001: Premiere Episode
|
Feb 14, 2016 |