Phill Moore
@phillmoore
Followers
9K
Following
7K
Media
414
Statuses
7K
This Week in 4n6 // ThinkDFIR // SANS // CyberCX (DFIR) https://t.co/vLyL2sxTuy I might not know much, but I do know how to Google Tweets are mine
Sydney, Australia
Joined March 2009
Sometimes Windows and PE Version information don’t get along #DFIR.
thinkdfir.com
As part of some research I’m doing into Amcache (more on that another time), I went about exploring Windows PE version information and how Windows see’s it. This came about because I th…
0
5
15
RT @sansforensics: 🔥 Train at your own pace and save!. Get 25% off any 4–6 day #DFIR OnDemand course through July 31 with code DFIRhot25.→….
0
3
0
Have been going down a lot of #DFIR rabbit holes lately; outside of a couple papers from a decade ago, has anyone done any research into linking the IconCache.db file to the icon caches in the appdata Explorer folder?.
0
0
2
Airlines charging extra for carry on that exceeds 7kg makes zero sense. Wife just got charged basically the same as her flight for being a few kg over. not impressed Jetstar. .
0
0
2