Update: I asked and you all delivered. I am a finalist for Forensic 4:cast Awards' #DFIR Newcomer of the Year! Derek requests your vote for Forensic 4:cast Awards' DFIR Newcomer of the Year.
SMART(er) Health Check-Up
Derek explores how to collect and compare SMART information before and after a forensic acquisition. He also wrote a couple of batch files.
Getting SMART(er) with Information
Derek explores methods to retrieve SMART information from write protected NVMe drives.
Forensic Hard Drive Data Recovery with Scott Moulton
Derek learns how to rebuild a hard drive with Scott Moulton from My Hard Drive Died. It's alive!
Retrieving Registry Values to Decrypt Files Protected with DDPE
Derek explores the registry report function with X-Ways Forensics and creates a RegRipper plugin to collect Dell Data Protection Encryption information.
Reflecting on 2022
Derek reflects on why he started blogging and where he drew inspiration from.
Practical Linux Forensics & a Mini Linux Forensics CTF
Derek worked through CTF images using Practical Linux Forensics as a reference. X-Ways Forensics and Windows Subsystem for Linux are also used.
Exploring AI Assisted Picture Categorization with Magnet Forensics AXIOM and X-Ways Forensics with Excire, Re: Weapons
Derek explores the picture categorization feature in AXIOM and X-Ways Forensics.
Derek reflects on a recent table-top exercise to verify our processes, discover gaps, and learn from our mistakes. A shopping cart is involved.
Assembling a Go-Bag, Re: Write Block Options?
Derek started with ideas on creating a compact and flexible go-bag. He ended up writing about write blockers.