Carving EVTX
Quentin Jerome from RawSec shared an article on carving Windows Event Logs in EVTX format. He gives a short overview of the …
Demisto – Volatility Memory Analysis
This demo shows the interactive investigation capabilities in Demisto using Volatility integration to analysis cridex malwar…
Hunting Fileless Malware with LOG-MD Free Edition
In this video you will learn how to hunt so called “Fileless malware” or “Non-Malware malware” using…
Mac RAM Imaging and Analysis
BlackBag Training Team has published a post about Mac memory imaging and analysis. They start from different ways of capturi…
Fuzzy Hashing with SSDEEP
In this video Joshua James uses SSDEEP to create fuzzy hashes of text and image files, and compare the similarity between fi…
Bitscout: Remote Forensics Meta Tool
Bitscout allows anyone who is running Ubuntu OS to build own LiveCD/LiveUSB image to be used for remote digital forensics (o…
Chromensics – Google Chrome Forensics
Chromensics is an open source tool by Nishant Grover capable of reading all information from Chrome Browser directory and pr…
Windows Forensics Cookbook
Packt Publishing has announced a book by Oleg Skulkin (Cyber Forensicator) and Scar de Courcier (Forensic Focus). “Win…
Adding AFF4 support to The Sleuth Kit and Volatility on macOS
AFF4 (Advanced Forensics File Format v4.0) is the new standard in forensic imaging, a new container format for storing digit…
Brian Carrier: Sleuth Kit Lightening Talk
Brian Carrier (@carrier4n6) is the Vice President of Digital Forensics at Basis Technology, a software company specializing …
