Hello Reader,
We had a good time in Austin today where they gave us almost three hours to talk journal filesystem forensics, and boy did we! We went through NTFS, EXT3 and HFS+ with demos for different aspects of NTFS and HFS+ journal forensics. We are also releasing the beta of our HFS+ parser as we continue to expand our research.
Today's slides are here:
https://docs.google.com/file/d/0B_mjsPB8uKOANE1rbG9ySmxkTzg/edit?usp=sharing
The signup link for the ANJP beta (NTFS Parser) is here:
https://docs.google.com/forms/d/1GzOMe-QHtB12ZnI4ZTjLA06DJP6ZScXngO42ZDGIpR0/viewform
The signup link for the HFS+ Journal parser public beta is here:
https://docs.google.com/forms/d/1_Zrf7LfmnklJfJ7CteecdAiAWGdRkNp2ltqqHuYFncQ/viewform
Tomorrow we'll start a walk through of the Sunday Funday image.
We had a good time in Austin today where they gave us almost three hours to talk journal filesystem forensics, and boy did we! We went through NTFS, EXT3 and HFS+ with demos for different aspects of NTFS and HFS+ journal forensics. We are also releasing the beta of our HFS+ parser as we continue to expand our research.
Today's slides are here:
https://docs.google.com/file/d/0B_mjsPB8uKOANE1rbG9ySmxkTzg/edit?usp=sharing
The signup link for the ANJP beta (NTFS Parser) is here:
https://docs.google.com/forms/d/1GzOMe-QHtB12ZnI4ZTjLA06DJP6ZScXngO42ZDGIpR0/viewform
The signup link for the HFS+ Journal parser public beta is here:
https://docs.google.com/forms/d/1_Zrf7LfmnklJfJ7CteecdAiAWGdRkNp2ltqqHuYFncQ/viewform
Tomorrow we'll start a walk through of the Sunday Funday image.