Hacking Exposed Computer Forensics Blog

Daily Blog #524: Forensic Lunch 10/31/18

David Cowen October 31, 2018

Hello Reader, This week on the Forensic Lunch we had Hal Pomeranz talking all about XFS file systems and XFS forensics. Tune...

Daily Blog #524: Forensic Lunch 10/31/18

Reviewed by David Cowen on October 31, 2018 Rating: 5

Daily Blog forensic lunch recycle bin test kitchen

Daily Blog #523: Forensic Lunch Test Kitchen 10/30/18

David Cowen October 30, 2018

Hello Reader, Another test kitchen focused on the Recycle.Bin tonight continuing last nights testing. Last night the question we...

Daily Blog #523: Forensic Lunch Test Kitchen 10/30/18

Reviewed by David Cowen on October 30, 2018 Rating: 5

Daily Blog forensic lunch recycle bin test kitchen

Daily Blog #522: Forensic Lunch Test Kitchen 10/29/18

David Cowen October 29, 2018

Hello Reader, Tonight on the test kitchen we followed up on a viewer request from Neck aka @ AaronSWeiss on twitter to do some...

Daily Blog #522: Forensic Lunch Test Kitchen 10/29/18

Reviewed by David Cowen on October 29, 2018 Rating: 5

Daily Blog sunday funday

Daily Blog #521: Sunday Funday 10/28/18

David Cowen October 28, 2018

Hello Reader, In an attempt to engage you and get your inner researcher going I'm again changing things up this week. Th...

Daily Blog #521: Sunday Funday 10/28/18 Reviewed by David Cowen on October 28, 2018 Rating: 5

Daily Blog solution saturday

Daily Blog #520: Solution Saturday 10/27/18

David Cowen October 27, 2018

Hello Reader, No winners this week, let me know what's holding you back from entering!

Daily Blog #520: Solution Saturday 10/27/18 Reviewed by David Cowen on October 27, 2018 Rating: 5

Daily Blog event logs forensic lunch osx rdp test kitchen

Daily Blog #519: Forensic Lunch Test Kitchen 10/26/18

David Cowen October 26, 2018

Hello Reader, Well I didn't have time today to do a forensic lunch which means tonight we had another Test Kitchen! I will...

Daily Blog #519: Forensic Lunch Test Kitchen 10/26/18

Reviewed by David Cowen on October 26, 2018 Rating: 5

Daily Blog forensic lunch rdp test kitchen

Daily Blog #518: Forensic Lunch Test Kitchen 10/25/18

David Cowen October 25, 2018

Hello Reader, Tonight's test kitchen continued last nights RDP focused testing. Tonight we went through the event logs...

Daily Blog #518: Forensic Lunch Test Kitchen 10/25/18

Reviewed by David Cowen on October 25, 2018 Rating: 5

Daily Blog event logs forensic lunch rdp test kitchen

Daily Blog #517: Forensic Lunch Test Kitchen 10/24/18

David Cowen October 24, 2018

Hello Reader, Another test kitchen with a lot of you tuning in live with a very short notice! Thanks to everyone who made the li...

Daily Blog #517: Forensic Lunch Test Kitchen 10/24/18

Reviewed by David Cowen on October 24, 2018 Rating: 5

Daily Blog event logs rdp test kitchen

Daily Blog #516: Forensic Lunch Test Kitchen 10/23/18

David Cowen October 23, 2018

Hello Reader, We had another test kitchen tonight with a focus on rdp brute forcing windows system from Kali attempting to use nc...

Daily Blog #516: Forensic Lunch Test Kitchen 10/23/18

Reviewed by David Cowen on October 23, 2018 Rating: 5

Daily Blog

Daily Blog #515: Asking for your input regarding future testing

David Cowen October 22, 2018

Hello Reader, I'm not doing a test kitchen tonight. However I thought I would take this opportunity to ask you dear re...

Daily Blog #515: Asking for your input regarding future testing Reviewed by David Cowen on October 22, 2018 Rating: 5

Daily Blog login logs netbios smb sunday funday

Daily Blog #514: Sunday Funday 10/21/18

David Cowen October 21, 2018

Hello Reader, Adam Harrison returned this week to reclaim the prize, but every week is a new week and a new challenge. This week we...

Daily Blog #514: Sunday Funday 10/21/18 Reviewed by David Cowen on October 21, 2018 Rating: 5

Daily Blog #513: Solution Saturday 10/20/18

David Cowen October 20, 2018

Hello Reader, While this weeks winning answer did not directly answer the challenge asked it is the most complete and fills in some ...

Daily Blog #513: Solution Saturday 10/20/18 Reviewed by David Cowen on October 20, 2018 Rating: 5

brute force Daily Blog event logs forensic lunch kali smb test kitchen

Daily Blog #512: Forensic Lunch Test Kitchen 10/19/18

David Cowen October 20, 2018

Hello Reader, Another test kitchen on the books! Tonight we took a break from ObjectIDs and took a look at something I've bee...

Daily Blog #512: Forensic Lunch Test Kitchen 10/19/18

Reviewed by David Cowen on October 20, 2018 Rating: 5

Daily Blog forensic lunch objectid test kitchen

Daily Blog #511: Forensic Lunch Test Kitchen 10/18/18

David Cowen October 18, 2018

Hello Reader, Back to the test kitchen tonight! While tonight's broadcast was a later than normal (showed the kids the fe...

Daily Blog #511: Forensic Lunch Test Kitchen 10/18/18

Reviewed by David Cowen on October 18, 2018 Rating: 5

backstage Daily Blog office 2016

Daily Blog #510: Office 2016 Backstage Artifacts

David Cowen October 17, 2018

Hello Reader, New versions of software often bring new artifacts and Office 2016 is no exception. We were working an investigatio...

Daily Blog #510: Office 2016 Backstage Artifacts

Reviewed by David Cowen on October 17, 2018 Rating: 5

Daily Blog objectid

Daily Blog #509: ObjectIDs and Domains

David Cowen October 16, 2018

Hello Reader, Well YouTube was down for awhile tonight and at this point I'll need to get to bed before I could finish a ...

Daily Blog #509: ObjectIDs and Domains

Reviewed by David Cowen on October 16, 2018 Rating: 5

Daily Blog forensic lunch objectid test kitchen

Daily Blog #508: Forensic Lunch Test Kitchen 10/15/18

David Cowen October 15, 2018

Hello Reader, Tonight Matt Seyer virtually joined me for another test kitchen! We decided to examine the ObjectID index to dete...

Daily Blog #508: Forensic Lunch Test Kitchen 10/15/18

Reviewed by David Cowen on October 15, 2018 Rating: 5

Daily Blog sunday funday

Daily Blog #507: Sunday Funday 10/14/18

David Cowen October 14, 2018

Hello Reader, The weeks have gone by quickly with nightly testing videos and weekly challenges. The schedule works well for me typ...

Daily Blog #507: Sunday Funday 10/14/18 Reviewed by David Cowen on October 14, 2018 Rating: 5

Daily Blog solution saturday

Daily Blog #506: Solution Saturday 10/13/18

David Cowen October 13, 2018

Hello Reader, This week no qualifying submissions, as a reminder this was the challenge: The Challenge: The TypedPaths key ...

Daily Blog #506: Solution Saturday 10/13/18 Reviewed by David Cowen on October 13, 2018 Rating: 5

Daily Blog forensic lunch objectid test kitchen

Daily Blog #505: Forensic Lunch Test Kitchen 10/12/18

David Cowen October 12, 2018

Hello Reader, A shorter test kitchen tonight, mainly because the answer came much quicker than I expected but only in part. T...

Daily Blog #505: Forensic Lunch Test Kitchen 10/12/18

Reviewed by David Cowen on October 12, 2018 Rating: 5

Daily Blog forensic lunch objectid test kitchen unc

Daily Blog #504: Forensic Lunch Test Kitchen 10/11/18

David Cowen October 11, 2018

Hello Reader, Tonight we had what I think is a very exciting broadcast of the Forensic Lunch. When discussing on twitter whethe...

Daily Blog #504: Forensic Lunch Test Kitchen 10/11/18

Reviewed by David Cowen on October 11, 2018 Rating: 5

Daily Blog registry explorer test kitchen transaction logs typed paths yarp

Daily Blog #503: Forensic Lunch Test Kitchen 10/10/18

David Cowen October 10, 2018

Hello Reader, We had a long night in this session of the test kitchen. Mainly because I was trying to debug making changes to Max...

Daily Blog #503: Forensic Lunch Test Kitchen 10/10/18

Reviewed by David Cowen on October 10, 2018 Rating: 5

Daily Blog forensic lunch registry explorer test kitchen typed paths yarp

Daily Blog #502: Forensic Lunch Test Kitchen 10/9/18

David Cowen October 09, 2018

Hello Reader, Another night of testing on the test kitchen! This evening we revisited the TypedPath key and registry transacti...

Daily Blog #502: Forensic Lunch Test Kitchen 10/9/18

Reviewed by David Cowen on October 09, 2018 Rating: 5

Daily Blog registry test kitchen transaction logs typedpaths

Daily Blog #501: Forensic Lunch Test Kitchen 10/8/18

David Cowen October 08, 2018

Hello Reader, It's Monday and it's time for another test kitchen! Tonight I tested Maxim Suhanov's assertion that ...

Daily Blog #501: Forensic Lunch Test Kitchen 10/8/18

Reviewed by David Cowen on October 08, 2018 Rating: 5

Daily Blog sunday funday

Daily Blog #500: Sunday Funday 10/7/18

David Cowen October 07, 2018

Hello Reader, This is the 500th Daily Blog! Which also just so happens to land on a Sunday Funday challenge which means, this o...

Daily Blog #500: Sunday Funday 10/7/18 Reviewed by David Cowen on October 07, 2018 Rating: 5

Daily Blog #499: Solution Saturday 10/6/18

David Cowen October 06, 2018

Hello Reader, This week Kevin Pagano grabbed the win with a nice primer on registry monitoring. I m looking forward to testing more ...

Daily Blog #499: Solution Saturday 10/6/18 Reviewed by David Cowen on October 06, 2018 Rating: 5

Daily Blog forensic lunch videopost

Daily Blog #498: Forensic Lunch 10/5/18

David Cowen October 05, 2018

Hello Reader, We had a Forensic Lunch today! Matthew and I talked with all of you about: The state of the DFIR Conference ...

Daily Blog #498: Forensic Lunch 10/5/18

Reviewed by David Cowen on October 05, 2018 Rating: 5

Daily Blog forensic lunch test kitchen typedpaths videopost yarp

Daily Blog #497: Forensic Lunch Test Kitchen 10/4/18

David Cowen October 04, 2018

Hello Reader, Another test kitchen! Tonight we went back to the TypedPaths overwrite mystery while Matthew finishes his $OBJID:$O ...

Daily Blog #497: Forensic Lunch Test Kitchen 10/4/18

Reviewed by David Cowen on October 04, 2018 Rating: 5

Daily Blog mft mftecmd objectid pytsk test kitchen videopost

Daily Blog #496: Forensic Lunch Test Kitchen 10/3/18

David Cowen October 03, 2018

Hello Reader, Today we come close to a conclusion on our exploration of ObjectIDs within the MFT. We went in and both extracted MFT...

Daily Blog #496: Forensic Lunch Test Kitchen 10/3/18

Reviewed by David Cowen on October 03, 2018 Rating: 5

Daily Blog objectid test kitchen videopost

Daily Blog #495: Forensic Lunch Test Kitchen 10/2/18

David Cowen October 02, 2018

Hello Reader, Another night, another test kitchen. Tonight we continued our ObjectID testing and research to see if sequence nu...

Daily Blog #495: Forensic Lunch Test Kitchen 10/2/18

Reviewed by David Cowen on October 02, 2018 Rating: 5

Daily Blog forensic lunch test kitchen videopost

Daily Blog #494: Forensic Lunch Test Kitchen 10/1/18

David Cowen October 01, 2018

Hello Reader, Tonight the test kitchen continued to plumb the depths of ObjectID attributes of files in the MFT. What did we lea...

Daily Blog #494: Forensic Lunch Test Kitchen 10/1/18

Reviewed by David Cowen on October 01, 2018 Rating: 5

Top Ad unit 728 × 90

Latest News

Daily Blog #524: Forensic Lunch 10/31/18

Daily Blog #523: Forensic Lunch Test Kitchen 10/30/18

Daily Blog #522: Forensic Lunch Test Kitchen 10/29/18

Daily Blog #521: Sunday Funday 10/28/18

Daily Blog #520: Solution Saturday 10/27/18

Daily Blog #519: Forensic Lunch Test Kitchen 10/26/18

Daily Blog #518: Forensic Lunch Test Kitchen 10/25/18

Daily Blog #517: Forensic Lunch Test Kitchen 10/24/18

Daily Blog #516: Forensic Lunch Test Kitchen 10/23/18

Daily Blog #515: Asking for your input regarding future testing

Daily Blog #514: Sunday Funday 10/21/18

Daily Blog #513: Solution Saturday 10/20/18

Daily Blog #512: Forensic Lunch Test Kitchen 10/19/18

Daily Blog #511: Forensic Lunch Test Kitchen 10/18/18

Daily Blog #510: Office 2016 Backstage Artifacts

Daily Blog #509: ObjectIDs and Domains

Daily Blog #508: Forensic Lunch Test Kitchen 10/15/18

Daily Blog #507: Sunday Funday 10/14/18

Daily Blog #506: Solution Saturday 10/13/18

Daily Blog #505: Forensic Lunch Test Kitchen 10/12/18

Daily Blog #504: Forensic Lunch Test Kitchen 10/11/18

Daily Blog #503: Forensic Lunch Test Kitchen 10/10/18

Daily Blog #502: Forensic Lunch Test Kitchen 10/9/18

Daily Blog #501: Forensic Lunch Test Kitchen 10/8/18

Daily Blog #500: Sunday Funday 10/7/18

Daily Blog #499: Solution Saturday 10/6/18

Daily Blog #498: Forensic Lunch 10/5/18

Daily Blog #497: Forensic Lunch Test Kitchen 10/4/18

Daily Blog #496: Forensic Lunch Test Kitchen 10/3/18

Daily Blog #495: Forensic Lunch Test Kitchen 10/2/18

Daily Blog #494: Forensic Lunch Test Kitchen 10/1/18

KPMG Advisory

Popular Posts

Blog Archive

Random Posts

Recent Posts

Contact Form

Top Ad unit 728 × 90

Latest News

Social Counter

KPMG Advisory

Popular Posts

Blog Archive

Random Posts

Recent Posts

Contact Form