| Keybase | https://tomchop.keybase.pub/mastodon.html |
| GitHub | https://github.com/tomchop |
Please feel free to use it (and tell us when you do! We love hearing about people's use cases), file lots of bugs, and contribute: guides, documentation, even cool screenshots; everything is welcome.
We are looking forward to integrating formats such as https://dfiq.org, shipping tighter integrations with DFIR platform tools like @TimesketchProj, @TurbiniaProj and CTI platforms like @MISPProject (and hopefully many more!)
This has been years in the making, literally.
@sebdraven and I are happy to announce the release of #Yeti 2.0 (after we promised an EOM release at @hack_lu last month)
Website: https://yeti-platform.io
Release: https://github.com/yeti-platform/yeti/releases/tag/2.0
mini-thread
- Introduction
- What to expect of the workshop
- Quick tour / install / configuration
- Timesketch
- Yeti
- Adding some forensics intelligence to Yeti
- Your first forensic analysis with Timesketch!
- Adding threat intelligence to the mix
Optional (if time permits)
- dfTimewolf
- Configuring all these tools to work together, triggering a first analysis using dfTimewolf.
- Tweaking Timesketch analyzers
I haven't had time to talk about it, but @Sebdraven and I are giving a talk this week at @hack_lu about some cool new changes coming to Yeti: https://pretalx.com/hack-lu-2023/talk/JAKAKS/
It's going to be fun to talk about this project that has been on my todo list for 10+ years! #DFIR
We are going to tell the story of Yeti, why it was created, where it's now, and about all the friends we made along the way. Besides the new DFIR twist we want to give Yeti, we'll highlight some of the major changes in the codebase:
- Total revamp of the Web UI using VueJS.
- Backend migration to ArangoDB (graph database)
- Code health: Python typing, e2e tests, making development faster and more reliable, and making community contributions much easier.
- Production and development Docker images
- Integration with third-party OSS tools such as Timesketch and Turbinia.
My team just released https://dfiq.org, which is "a collection of Digital Forensics Investigative Questions and the approaches to answering them."
The idea came from the desire to organize investigative approaches to similar cases, to increase consistency across response efforts. #dfir #infosec
The #BSides Zurich #CfP still has about a month to go. It's a laid-back one-day event in Zurich, Switzerland.
First-time presenter? Applications for our mentoring program close in ~two weeks (May 18), so better hurry up!
Conference format
We want BSides Zurich to be a conference where attendees and speakers have a real opportunity to mingle and engage in active discussions. In order to achieve this, we chose an atypical conference format that our attendees have really enjoyed. There are a total of 6 talks plus a keynote, all in English. Talks are grouped in threes and divided into two sessions (morning and afternoon). Each talk is only 20 minutes long, and after the 3 morning talks, each speaker gets an assigned room for a 30-minute-long breakout "discussion" session.