Home zimmerman Daily Blog #560: Forensic Lunch 12/7/18 - RBCMD, MFTEcmd, $BOOT, and More

Daily Blog #560: Forensic Lunch 12/7/18 - RBCMD, MFTEcmd, $BOOT, and More

By David Cowen • December 08, 2018 • Daily Blog forensic lunch registry explorer zimmerman • Comments : 0

This week we had a Forensic Lunch with Eric Zimmerman! We talked about RBCMD, MFTEcmd, $BOOT, and more

Hello Reader,
This week we had a Forensic Lunch with Eric Zimmerman! We talked about

Eric's new tool RBCMD
Eric's updated MFTEcmd which now supports $BOOT, $SDS, and USN Journal parsing

Eric's soon to be released plugins for the CIT registry key and the Syscache hive

You can watch the video here:

Also Read: Daily Blog #559

Post a Comment

Subscribe to: Post Comments ( Atom )