Hello Reader,
With another presentation done, here are my slides from PFIC, where I again presented on Anti Anti Forensics. This is a similar presentation to the one I did at BSides DFW, but with more details on the actual structure of $logfile records and more information.
Slides can be found here: Slides
We are getting close to the official release of ANJP (Advanced NTFS Journal Parser) as we write up our official blog post to put up on the SANS blog. Until then, if you would like a copy of the version 1 free tool, please email me at dcowen@g-cpartners.com so I can get you going. Our goal is to get the community access to our research as quickly as possible!
I'm looking for conferences to spread the good word on journaled file system forensics for next year, so if you are looking for advanced content please let me know!