Hello Reader,
We have another great Forensic Lunch for you, thanks to all of you who watched live with us! I hope you can join us for the next live broadcast so you can get your questions in. This week we had:
Links for this week:We have another great Forensic Lunch for you, thanks to all of you who watched live with us! I hope you can join us for the next live broadcast so you can get your questions in. This week we had:
- Suzanne Widup with Verizon DBIR talking about VCDB
- Jonathan Tomczak with TZWorks talking about new developments in tracking lnk, jumplists and shellbags with mft reference numbers back to the files they reference with gena and other tools
- Blazer Catzen with Catzen Forensics talking about more HTML5 offline content research, linkedin ios message recovery, comparing tools for parsing IOS backups and tool testing
- Matt and myself talking about HFS+ Journaling, rewriting the current NTFS Journal parser and other topics
For the VCDB You can get an overview here:
http://public.tableausoftware.com/views/vcdb/Overview for VCDB.
The VCDB Github is located here:
https://github.com/vz-risk/VCDB
And the currently open issues is here:
https://github.com/vz-risk/VCDB/issues?state=open
You can visit Tzworks here:
https://www.tzworks.net/
And get the tools shown today here:
LNK Parser: https://www.tzworks.net/prototype_page.php?proto_id=11
Jump list parser: https://www.tzworks.net/prototype_page.php?proto_id=20
Shellbag parser: https://www.tzworks.net/prototype_page.php?proto_id=14
GENA here: https://www.tzworks.net/prototype_page.php?proto_id=28
I hope you like it, if you want to be on the Forensic Lunch just send me an email dcowen@g-cpartners.com we are always looking for new people to come and share with us.