Brian Carrier: Sleuth Kit Lightening Talk
Brian Carrier (@carrier4n6) is the Vice President of Digital Forensics at Basis Technology, a software company specializing …
Windows Application Compatibility Forensics
Richard Davis has posted another video as a part of his “Introduction to Windows Forensics”, which shows three a…
Create YARA rules from strings found in malware automatically with yarGen
With help of yarGen you can generate YARA rules automatically. The main principle is the creation of yara rules from strings…
An Introduction to VolUtility
Basil Alawi S.Taher has posted a nice overview of how to start using VolUtility – a web frontend for Volatility framew…
Volatility Workbench Beta
PassMark Software has released a beta version of Volatility Workbench – a graphical user interface (GUI) for the Volat…
Mac FS Events Parser for Autopsy
Mark McKinnon has written a plugin that will export the /.fseventsd directory to the temp folder and will then call an execu…
Autopsy 4.4.0 is out!
The new version of our favorite open source forensic tool – Autopsy, – has been released. New triage features. M…
Digital Forensics and Incident Response
Another DFIR book has been announced by Packt Publishing. It’s “Digital Forensics and Incident Response” b…
Windows Prefetch Carver
Adam Witt has presented a fresh Python script. It’s called Windows Prefetch Carver and, as you already understood, can…
Using Binsnitch.py to Detect Files Touched by Malware
Daan Raman from NVISO Labs has published a blog post about their new tool – binsnitch.py. You can use this tool to det…
