NTFS Triforce or anti anti forensics, David Cowen & Matt Seyer
It still amazes me that after all this time there is still more to learn about NTFS. Over the past year or so David has been working on a.....
DFIROnline
20 Mar 2013
Microsoft log parser & other tips & tricks for windows exams - Dave Kleiman
Dave has years of experience working with windows forensics and security, he is also the author of a plethora of books (more here: http://www.amazon.com/s/ref=nb_ss_gw/........
DFIROnline
16 Feb 2013
DFIROnline- Memory Forensics with Michael Cohen
A recording of the January DFIROnline meetup with Michael Cohen of Google .....
DFIROnline
17 Jan 2013
Android Forensics with volatility and LiME - Andrew Case
Android powered phones dominate the mobile phone market, and Android powered devices, such as tablets, E-readers, and netbooks, have substantial.....
DFIROnline
14 Dec 2012
Digital forensic tool demos - GRR, L2T Review, libvshadow, libevtx & TAPEWORM
I was lucky enough to attend the Open Source Digital Forensic conference last month and had the chance to see a bunch of new tools being.....
DFIROnline
17 Oct 2012
Windows Log File Analysis in depth, Dave Kleiman
Back by popular demand (and this time not from hospital) Dave took us through the various log files on Microsoft Windows systems (you did know.....
DFIROnline
19 Sep 2012
Forensic Story: The Odyssey of Mitra - A Modern Geek Tragedy - Cindy Murphy
For those of you who do not know Detective Cindy Murphy of the Madison Police Department is bit of a legend in the DFIR field. In.....
DFIROnline
15 Aug 2012
Frostwire analysis - Veronica Schmitt
Vee joined in from South Africa, where it was 2am in the morning and presented the results of her analysis of Frostwire, something she deals with regularly.....
DFIROnline
18 Jul 2012
Incident Response Takeaways from the MMA Challenge - Alissa Torres & Nik Roby
The MMA challenge was run by Alissa and Nik at CEIC this year and was the best session I attended. The most interesting part was that.....
DFIROnline
18 Jul 2012
An introduction to file carving - Mike Wilkinson
This was a joint NY4sec & DFIROnline meetup, streamed live from John Jay College NY. There were a few microphone issues so the audio may fade.....
DFIROnline
18 Jun 2012
What is it really like to be a digital forensic analyst? - Jon Williams
This meetup was part of a joint effort between DFIROnline and NY4Sec Jon was displayed on the big screen to folks at the NY4Sec meetup......
DFIROnline
18 Jun 2012
Forensic Storytelling - Jesse Kornblum
Jesse is a Computer Forensics Research Guru with Kyrus Technology. The best investigation is useless unless you can convey your results. There are.....
DFIROnline
16 May 2012
The challenges of storage devices using 4096 byte sectors - Mike Wilkinson
This all started with Adam from hexacorn (http://www.hexacorn.com/ ) asking some questions about a WD mybook on the win4n6 mailing list......
DFIROnline
16 May 2012
Getting to know your NTFS INDX Records - Willi Ballenthin
This was the first special request presentation, Willi originally presented this at NYC4SEC, it received lots of positive response and he.....
DFIROnline
2 May 2012
Case Experience: Data spoliation with CCleaner. - Girl Unallocated
Meila Kelley is the famous Girl Unallocated here she presents a case experience where a user tried to cover their tracks using CCleaner, which.....
DFIROnline
18 Apr 2012
Data Recovery and Its Role in Computer Forensics - Kevin Ripa
This is my favourite presentation so far. Kevin runs a data recovery business and takes us inside his home lab to show how things are.....
DFIROnline
18 Apr 2012
DFIROnline Updates
At the beginning of this month I was thinking that the schedule for DFIROnline was looking a .....
DFIROnline
16 Apr 2012
Linux Forensics for non Linux users - Hal Pomeranz
This is a great presentation, from Hal of Deer Run Associates ( http://deer-run.com/ ), Hal is a long time Linux user (and SANS instructor)......
DFIROnline
14 Mar 2012
Ripping Volume Shadow Copies - Tracking User Activity - Corey Harrell
Harlan introduced how to process VSC's in December now Corey looks at exactly how we can get the most value from this valuable resource......
DFIROnline
14 Mar 2012
A gentle introduction to cryptography - Jon Rajewski
Jon is a fellow professor at Champlain College, here he gives an introduction to encryption, with lots of hands on practical exercises. You.....
DFIROnline
15 Feb 2012
Case studies in eDiscovery. - Peter Coons & John Clingerman
Peter and John work for D4 Discovery ( http://www.d4discovery.com/ ) and in this presentation review an data theft case they were involved.....
DFIROnline
15 Feb 2012
Malware Detection with an acquired image, by Harlan Carvey
If you have any experience with digital forensics you will know that Harlan is a legend when it comes to windows analysis. In this session.....
DFIROnline
18 Jan 2012
The Advanced Persistent Threat or: How I Learned to Stop Worrying and Love DFIR - Eric Huber
Eric Huber (author of the award winning A Fistful of Dongles blog) gives an overview of APT and why it is important for businesses.....
DFIROnline
18 Jan 2012
DFIROnline Meetup review
I think the DFIROnline meetup went well tonight. The turn-up tripled from the first event, we .....
DFIROnline
18 Jan 2012
Thoughts about last night
So after last night’s meetup I have a few thoughts on what went well and what did not. .....
DFIROnline
15 Dec 2011
Online meetup survey results
So after one week I have got around to checking out the survey results. 68% of respondents went .....
DFIROnline
18 Nov 2011
Online DFIR meetups
At PFIC I was talking to Harlan Carvey about his NoVA meetups and how great they sounded. When I got home from PFIC it occurred to me that I have an online.....
DFIROnline
11 Nov 2011