Friday, December 6, 2013

Daily Blog #166: Forensic Lunch 12/6/13

Hello Reader,
          We had a great forensic lunch this week! With this week's guests in alphabetical order:

Robert Haist, talking about his research with page_brute in recovering command execution and other fun things from the pagefile, read his blog about it here: http://blog.roberthaist.com/2013/12/restoring-windows-cmd-sessions-from-pagefile-sys-2/

Amber Shroader, talking about Device Seizure 6.5 and a great discussion on what happens behind the scenes in your mobile forensics tools as well as the future of cloud phone data acquisition. You can find out more about Device Seizure here: http://www.paraben.com/device-seizure.html

Joakim Schicht, discussing his tools and research, including how he approaches these projects and develops them. You can find his google code repository here: http://code.google.com/p/mft2csv/ with all the tools mentioned today and more!