Introduction to KAPE
The new episode of Richard Davis’ “Introduction to Windows Forensics” covers an exciting new tool from Kroll and Eric Zimmerman called KAPE:
Which are the most dangerous new attack techniques? How do they work? How can you stop them? What’s coming next and how can you prepare? This fast-paced briefing features the three people best positioned to provide answers and best able to communicate them: the nation’s top expert/teacher on mobile forensics, the director of the Internet Storm Center and the top …
In the new episode of the “Introduction to Malware Analysis” series, Richard Davis covers a very useful utility called ProcDOT:
AccessData has published a bunch of videos on its YouTube channel. You’ll learn about detecting and attacking TrueCrypt, Edge and Cortana forensics, log file analysis, and some other topics.
This episode of “Introduction to Windows Forensics” covers triage image creation. Richard Davis uses FTK Imager to capture memory and create a Custom Content Image from a Windows 10 system:
This new video is the next episode of the “Introduction to Malware Analysis” series. This time Richard Davis shows how to work with another tool capable of extracting embedded content from within a PDF:
As a continuation of the “Introduction to Windows Forensics” series, this episode looks at CyberChef, a powerful web-based app that provides a multitude of operations including crypto, conversion, parsing, extraction, and other manipulation of data:
Python is uniquely positioned as a programming language to perform cyber investigations and perform forensics analysis. Unleash the power of Python by using popular libraries and Python tools to help you create efficient and thorough forensics investigations. This course will walk you through digital forensics on network traffic, host analysis, and memory analysis. The course starts with network forensics, an …
This video will show you how to decrypt encrypted notes (password protected) on iOS devices and enter the password into Cellebrite Physical Analyzer for decryption and processing. Tested on iOS 11.4 and 12.0.
As a continuation of the “Introduction to Malware Analysis” series, this video walks through an analysis of a potentially malicious PDF file. You’ll look at three (3) tools from Didier Stevens: pdfid.py, pdf-parser.py, and oledump.py. Using these tools, you’ll extract an embedded Microsoft Word document from the PDF, and then extract an embedded VBA macro from within the Word document.