Kevin Pagano is a seasoned cybersecurity professional specializing in Digital Forensics and Incident Response. With a strong technical background and a passion for unravelling complex cyber incidents, Kevin has become a trusted expert in investigating and mitigating cyber threats. When I first started getting into DFIR and was searching for all blogs and tools to…
Tag: DFIR
Dead Simple Python Idiomatic Python for the Impatient Programmer by Jason C. McDonald (REVIEW)
“Dead Simple Python: Idiomatic Python for the Impatient Programmer” by Jason C. McDonald is a gem in the realm of Python programming literature, offering a refreshing and concise approach to mastering the language for both novice and seasoned developers alike. In a landscape often cluttered with verbose technical manuals, McDonald’s book stands out for its…
[DFIR TOOLS] JLECmd, what is it & how to use!
Following on from the previous [DFIR TOOLS] posts. First, let's see what JumpLists are. Jump Lists are a feature in Microsoft Windows that provide quick access to recently used files, tasks, and specific actions associated with a particular application or program. They were introduced in Windows 7 and have been present in subsequent versions of…
Practical Linux Forensics, A Guide for Digital Investigators by Bruce Nikkel for No Starch Press REVIEW
This book is a comprehensive and informative guide for those interested in digital forensics and investigations. The book covers a wide range of topics related to forensic analysis of Linux systems, including data acquisition, evidence preservation, and various forensic techniques. It is a fantastic read, even before going deep into it forensically, the digital and…
[DFIR TOOLS] Hasher, what is it & how to use!
Following on from the previous [DFIR TOOLS] posts. Hasher is a software application developed by Eric Zimmerman that is used to calculate and compare the hash values of files. A hash value is a unique code that is generated based on the contents of a file. By comparing the hash values of two files, it…
Interview With One of the Great DFIR Talents, Alessandro Di Carlo (samaritan_o)
Alessandro is an unbelievable talent in the DFIR world, not only do I look forward to anything he writes either on his own site or over on The DFIR Report but on social media also. He knows his stuff and I just don’t say this because he writes at The DFIR Report who in my…
Interview with DFIR Legend Alexis Brignoni
For this interview I have had the pleasure to speak with someone who is so prevalent in DFIR, is very highly thought of and is a pleasure to have got the chance to chat. I have been trying to learn Python for what seems like forever, and it was where I first spent any kind…
Learn Computer Forensics – Second Edition by William Oettinger for Packt REVIEW
Hello, I have had the absolute pleasure to be reading and working through this book `Learn Computer Forensics: Your one-stop guide to searching, analysing, acquiring, and securing digital evidence, 2nd Edition`. “Computer Forensics, being a broad topic, involves a variety of skills which will involve seizing electronic evidence, acquiring data from electronic evidence, data…
Interview With DFIR Legend Brett Shavers
If there were a Mount Rushmore of people in DFIR this person would be on it. He has been in the scene for a long time and runs the excellent resource https://www.dfir.training/ “All things Digital Forensics/Incident Response, DFIR. Software, hardware, training, education, white papers, blog lists, social media contacts, service provider directory, books, jobs, Wikis,…
[DFIR TOOLS] bstrings, what is it & how to use!
Following on from the previous [DFIR TOOLS] posts. [DFIR TOOLS] Timeline Explorer, what is it & how to use! [DFIR TOOLS] AmcacheParser, what is it & how to use [DFIR TOOLS] AppCompatCacheParser, what is it & how to use! This time I will speak about bstrings again from the Eric Zimmerman suite. We will start with…