As a digital forensics and incident response (DFIR) professional with over two decades in IT, I have always felt a bit like a “security noob” when it comes to deep cryptographic principles. So when I picked up Cryptography Algorithms – Second Edition by Massimo Bertaccini, I was hoping for something that could bridge the gap between my foundational knowledge and the increasingly complex world of cryptography. Here’s my take.
Tag: digital forensics
[DFIR TOOLS] JLECmd, what is it & how to use!
Following on from the previous [DFIR TOOLS] posts. First, let's see what Jump Lists are. Jump Lists are a feature in Microsoft Windows that provide quick access to recently used files, tasks, and specific actions associated with a particular application or program. They were introduced in Windows 7 and have been present in subsequent versions of…
Mastering Linux Security and Hardening: Safeguard Your Linux Systems from Cyber Threats – 3rd Edition by Donald A. Tevault (REVIEW)
In my early career, I ventured into the realm of application support to ensure that the critical software tools, indispensable to the work of geologists and paraphysicists, operated seamlessly. This was the backdrop for my journey into the world of Linux. During those days, the mighty Red Hat Enterprise Linux 5 machine was my…
Interview with DFIR Legend Alexis Brignoni
For this interview I have had the pleasure to speak with someone who is so prevalent in DFIR, is very highly thought of and is a pleasure to have got the chance to chat with. I have been trying to learn Python for what seems like forever, and it was where I first spent any kind…
Learn Computer Forensics – Second Edition by William Oettinger for Packt REVIEW
Hello, I have had the absolute pleasure to be reading and working through this book, `Learn Computer Forensics: Your one-stop guide to searching, analysing, acquiring, and securing digital evidence, 2nd Edition`. “Computer Forensics, being a broad topic, involves a variety of skills which will involve seizing electronic evidence, acquiring data from electronic evidence, data…
Interview With DFIR Legend Brett Shavers
If there were a Mount Rushmore of people in DFIR this person would be on it. He has been in the scene for a long time and runs the excellent resource https://www.dfir.training/ “All things Digital Forensics/Incident Response, DFIR. Software, hardware, training, education, white papers, blog lists, social media contacts, service provider directory, books, jobs, Wikis,…
[DFIR TOOLS] bstrings, what is it & how to use!
Following on from the previous [DFIR TOOLS] posts. [DFIR TOOLS] Timeline Explorer, what is it & how to use! [DFIR TOOLS] AmcacheParser, what is it & how to use [DFIR TOOLS] AppCompatCacheParser, what is it & how to use! This time I will speak about bstrings again from the Eric Zimmerman suite. We will start with…
Interview with Krzysztof (Chris) Stanko ‘The Forensic Guy’, a Mobile & Computer Forensic Examiner and co-founder of Data Rescue Labs inc
Hello, for this interview I am going to speak to someone that many of the regular visitors to the site might not be aware of: Chris ‘The Forensic Guy’ Stanko. I was scrolling through TikTok one evening and stumbled across this guy who was brute forcing passwords on a Galaxy S9 and was fascinated…
[DFIR TOOLS] AmcacheParser, what is it & how to use!
Following on from the previous [DFIR TOOLS] posts below, this time I will speak about AmcacheParser again from the Eric Zimmerman suite. [DFIR TOOLS] Timeline Explorer, what is it & how to use! We will start with Eric's description on its purpose:- “Amcache.hve parser with lots of extra features. Handles locked files” But what is…
Interview with 13Cubed who is also DFIR Investigator for Microsoft Richard Davis.
Hello, for this interview I am pleased to share someone who is one of the two people that have been so important in my learning the DFIR skills outwith my work colleagues. His name is Richard Davis but you will know him as 13Cubed. Along with Eric Zimmerman for his tools, Richard’s videos have been…