Immersive Labs Practical Skills Platform
As many of you know I have been in the DFIR realm now for just over 6 years and during that time have been very fortunate to attend many interesting and varied training
DFIR
A collection of 10 posts
Google Rapid Response - Build Process
During my SANS 508 I first heard about something called Google Rapid Response (GRR) and it peaked my interest then. Unfortunately as is normal following a SANS course I was lost in the
Happy Christmas and a Prosperous New Year
It’s that time of year when I travel all around the UK visiting family and remembering what it’s all about. This year has been an interesting one for me on my
Setting Up My Forensic Lab
I have finally bowed to the pressure of my good friend Kev and now have a server! I must point out that it is his old server and through his immense generosity now
EnScripts – GUI USNJrnl.enscript
Those of you who are following my blog will remember that in my last EnScript blog post I created a UsnJrnl EnScript and I promised I would add a Graphical User Interface (GUI)
Timestamp Anomalies - $MFT
Going through my SANS 508 material I decided to have a closer look at some of the material on the Master File Table ($MFT) in the NTFS file system and how the analysis