Derek reflects on a recent table-top exercise to verify our processes, discover gaps, and learn from our mistakes. A shopping cart is involved.
Category: digital forensics
Assembling a Go-Bag, Re: Write Block Options?
Derek started with ideas on creating a compact and flexible go-bag. He ended up writing about write blockers.
Enterprise Cloud Forensics and Incident Response, Re: SANS FOR509 OnDemand Experience
Derek completed the SANS FOR509 4-day course. He liked it.
Exploring X-Ways Forensics 20.6 Beta 1b, Auto-Resume
Derek explores a beta release of X-Ways Forensics 20.6 that introduces an auto-resume feature.
Using X-Ways Forensics to Review and Report on Internet Browser Activity
Derek explores XWF's functionality to review and report on Internet browser activity.
Exploring OCR Capability (Tesseract) with XWF
Derek rick and rolls with XWF's optical character recognition (OCR) capability.
Growing with XWF
Derek reflects on how XWF influenced his growth in digital forensics.
X-Ways Forensics, Re: Training Options
Derek briefly describes training options available for XWF.
Encrypted 7Z Archives in XWF
I read the manual to understand that encrypted file contents and names in 7Z archives are not currently supported in XWF. XWF is capable of using an associated program to manually review these archives.
Totally Remove Excluded Items in XWF, Selectively
Using report table associations to totally exclude selected items from a XWF volume snapshot.
mr_eerie 