February 18, 2019

Cyber Forensicator


Presentations

Windows Forensics: Event Trace Logs

Looking for a “new” Windows artifact that is currently being underutilized and contains a wealth of information? Event Tracing for Windows (ETW) and Event Trace Logs (ETL) may be your answer. There’s nothing new about them, yet they can provide a wealth of information. Event Tracing for Windows was introduced in Windows 2000 and is still going strong in current …

A Planned Methodology for Forensically Sound IR in Office 365

A planned methodology for developing and implementing a forensically sound incident response plan in Microsoft’s Office 365 cloud environment must be thoroughly researched and re-evaluated over time as the system evolves, new features are introduced, and older capabilities are deprecated. This presentation will walk through the numerous forensic, incident response, and evidentiary aspects of Office 365. The presentation is based …

Messaging App Forensics with Autopsy

Here’s Brian Carrier’s presentation from Open Source Digital Forensics Conference (OSDFCon) 2018. In the presentation he walks attendees through new Autopsy features around messaging, email, and chats. You can download it here.  

$SignaturesAreDead = “Long Live RESILIENT Signatures”

Signatures are dead, or so we’re told. It’s true that many items that are shared as Indicators of Compromise (file names/paths/sizes/hashes and network IPs/Domains) are no longer effective. These rigid indicators break at the first attempt at evasion. Creating resilient detections that stand up to attempted evasion by dedicated attackers and researchers is challenging but possible with the right tools, …

Living in the Shadow of the Shadow Brokers

Most people know the Shadow Brokers leaked (supposedly) stolen NSA cyber tools, which led to some of the most significant cyber security incidents of 2017. But in addition to targeting NSA, the Shadow Brokers have also targeted a few individuals in our community. Hear about the history of the Shadow Brokers and the implications of their actions for infosec and …

Evidence Generation X

Test evidence lies at the heart of our field. We need to be able to test our tools to make sure that they parse data correctly. New hires and students need to have their knowledge tested and challenged in a controlled environment. How do you create realistic, believable, and effective scenarios to test forensic evidence? After spending several months putting …

Breaking Full Disk Encryption

Full Disk Encryption (FDE) may be rather useful as a defense mechanism against potential theft of a computer system. However, when the system is compromised and requires careful forensic analysis, FDE can be quite painful to forensic analysts. Unless you deal with standard and widely supported encryption such as LUKS, BitLocker, TrueCrypt or a few others, it might be really hard to …

Automating Analysis with Multi-Model Avocados

In every case you work on, someone is asking you to get answers faster but without introducing more human error. Depending on the case, there are “go to” artifacts that help us to quickly answer basic questions. As the questions get more complicated so can the analysis. Oftentimes, the need arises to correlate multiple artifacts to get a more accurate …

Dear Blue Team: Forensic Advice to Non-Forensic Professionals to Supercharge Organization DFIR

In an age where data breaches and malware infections are quickly becoming the norm, we must prepare for Digital Forensics and Incident Response (DFIR). Most DFIR talks and advice discuss what to do once an incident has occurred. Instead, this talk provides Security Architects, System Administrators, SOC teams, and management new techniques and advice to supercharge their IR capabilities by …

Dear Blue Team: Proactive Steps to Supercharge your IR

In an age where data breaches and malware infections are quickly becoming the norm, we must prepare for Digital Forensics and Incident Response (DFIR). In doing so, there are many things that System Administrators, Enterprise Defenders, and Security Operations Centers can do proactively to not only enhance the security of an organization, but also assist the DFIR personnel in performing …

About Us

Cyber Forensicator is a web project by Igor Mikhaylov and Oleg Skulkin that aims to collect the most interesting and important cyber and digital forensics news, articles, presentations, and so on, in one place.

CyberForensicator.com © Copyright 2016-2018, All Rights Reserved
