Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.
http://digitalforensicsurvivalpodcast.libsyn.com/podcast
Gesamtlänge aller Episoden: 6 days 5 minutes
DFSP # 017 - Cracking Passwords with Cain
In the last episode I talked about PW psychology, an important part of operationalizing any PW cracking tool effectively. Face it, the math is against you so understanding a person’s probable PW patterns is important. In this episode we will...
DFSP # 0016 - Password Psychology
The next mini series will focus on open source password attack tools. There are some pay options out there, however, most IR teams do not have a need for it and disk forensic teams use if infrequently. Despite this many labs want the capability...
DFSP # 015 - $UsnJrnl File
The $UsnJrnl is an artifact that logs certain changes to files in NTFS volumes. It is a great source of timeline information for malware\ IR investigations, time stomping concerns and anti-forensics activities (i.e. wiping) as well as an...
DFSP # 014 - Shimcache
In this episode I talk Shimcache, otherwise known as the Application Compatibility Cache. This registry key has existed since Windows XP and tracks executable on a system, making it a great source of digital evidence for both disk forensics...
DFSP # 014 - Shimcache
In this episode I talk Shimcache, otherwise known as the Application Compatibility Cache. This registry key has existed since Windows XP and tracks executable on a system, making it a great source of digital evidence for both disk forensics...
DFSP # 013 - Windows 10 Artifacts
In this episode I cover something I have been intending to do for some time: a Windows 10 artifacts overview. Here, I explore some key artifacts changes and what has stayed the same. Once I got into it I found there was a lot to talk about so, to...
DFSP # 013 - Windows 10 Artifacts
In this episode I cover something I have been intending to do for some time: a Windows 10 artifacts overview. Here, I explore some key artifacts changes and what has stayed the same. Once I got into it I found there was a lot to talk about so, to...
DFSP # 012 - Just-Metadata
This episode I talk Just-Metadata, a freely available tool that gathers data about IP addresses from publicly available resources. Check out to learn more. I put together my quick start notes (below) for anyone interested in getting...
DFSP # 012 - Just-Metadata
This episode I talk Just-Metadata, a freely available tool that gathers data about IP addresses from publicly available resources. Check out to learn more. I put together my quick start notes (below) for anyone interested in getting...
DFSP # 011 - PALADIN
This episode I talk about PALADIN from SUMURI. PALADIN is a modified “live” Linux distribution based on Ubuntu that simplifies various forensics tasks in a forensically sound manner via the PALADIN Toolbox and used by...