Jim - BlackLivesMatter 🏳️‍🌈🏳️‍⚧️ (he/him)Sep 29
There are 2 more days to get the early-bird discount for one of my all-time favorite conferences, #SANS #DFIRCON in Miami in Nov. There are a bunch of hands-on workshops for in-person attendees on Sun, 16 Nov, DFIR Netwars, DFIR Bites, and networking opportunities in the evenings during the week, and I'll be sharing tools (including one I just released this week), tips, tricks, and lessons learned from my more than 40 years of Unix/Linux in #FOR577 (my last run of 2025). @sansforensics The registration link is easier to find on the FOR577 page than the DFIRCON page, sorry. https://www.sans.org/cyber-security-courses/linux-threat-hunting-incident-response
Alexis Brignoni  Nov 17, 2024

SANS DFIRcon presenter's dinner picture.
Hanging out with Korstiaan Stam, Ian Whiffin, Brian Maloney and others.

I'm up at 1 PM leading a workshop on the LEAPPs framework. Hope to make a new Android Bluesky artifact parser with the class.

#DFIRCon #DigitalForensics #MobileForensics

Beercow  Nov 12, 2024

ODE update. Centers around the ODL logs. Better parsing of v3 logs. Distinguishes which key was used to decrypt the log entries. This helps to identify the difference between vault and general logs. Last update before #DFIRCON

https://github.com/Beercow/OneDriveExplorer/releases/tag/v2024.11.12

Release v2024.11.12 · Beercow/OneDriveExplorer

Change Log Added GUI Colored folders to sync/link GUI/commandline Better handling of v3 logs Profile, Key_Type, Log_Type, Context_Data to log files Fixed GUI Missing image commandline No ind...

GitHub
Alexis Brignoni  Nov 15, 2022

Looking forward to this.
Starting in less than an hour.
Heather is an incredible presenter & expert.
#DFIR #DigitalForeniscs
---
RT @sansforensics
Starting in 1 hour! ⏰

🔑 @HeatherMahalik
👥 What Makes a Solid DFIR Professional
🗓️ Nov 15

Learn More: https://www.sans.org/u/1nvH

#DFIRCON
#SANSTraining
https://twitter.com/sansforensics/status/1592638649253904386

SANS DFIRCON 2022: Keynote - What makes a solid DFIR professional - How to keep growing in the field and not lose your luster

Staying current in DFIR is more than just doing the job daily. It takes work. Those who put forward an effort to research, train and share seem to carve a special place for themselves in this community. Do you have what it takes? Do you want to do more in forensics and with your education? This talk will walk you through lessons learned and methods to get the most out of DFIR and enhance your daily work.