Shafik Punja
@qubytelogic
Followers: 932 | Following: 2K | Media: 23 | Statuses: 2K
DFIR worker bee/research monkey. Views are my own.🐧 And do not necessarily represent strategies, views or opinions of any employers: past, present or future.
Joined June 2011
Arsenal Image Mounter (by @ArsenalRecon ) functionality walk through:
Computer Architecture From Scratch. Very good series of videos on computer architecture with great visualization.
the forensic guy just said, “Oh… that’s not good.” i don’t know what he saw, but is it too late to consider a career in accounting... 🫠
we’re extracting VMs from the server. people are typing aggressively. someone just whispered “this is fine” while sweating.
One thing noobie scoobies don't seem to understand is that malware is literally just software. Understandably, that seems kind of obvious, it's in the name — 'malicious software'. But it seems less obvious to some that, in order to write malware, you apply the exact same
🚨 #DFIR Tool update 🚨 I’ve updated parseUSBs (again!):
- Now supports mounted #KAPE images
- Improved deduplication of events within secs of each other
- Added extraction of partition style (MBR/GPT) & FS
- Parses alternate S/Ns
- Parses WPDBUSENUM key
https://t.co/MOBVqRdRva
github.com
Parses USB connection artifacts from offline Registry hives - khyrenz/parseusbs
Apple indeed added a feature called "inactivity reboot" in iOS 18.1. This is implemented in keybagd and the AppleSEPKeyStore kernel extension. It seems to have nothing to do with phone/wireless network state. Keystore is used when unlocking the device. https://t.co/ONZuU9zVt2
New from 404 Media: police freaking out at iPhones stored for forensic examination mysteriously rebooting themselves. This makes brute forcing much harder. Cops hypothesize Apple pushed an update that tells nearby iPhones to reboot if not on phone network
🔎 Can you trust your #forensic tools? Discover how to validate them at Community Learning Day at #DFIRCON with @4enzikat0r's. This hands-on tutorial will provide you the skills to ensure your #DigitalForensic tools are dependable. 👉 Learn more: https://t.co/3LLPYZWgXp
I wrote a blog post exploring @DasZamomin's project, UFADE. Exploring UFADE to Extract Data From iOS Devices – mr. eerie (https://t.co/rvsGgQTjHF)
mreerie.com
"It looks like we've got ourselves a digital forensic mystery!"
If you're interested in getting into #Linux #logging and evidence collection, this is an excellent write-up from @Kostastsale that compares #EVTX logs on Windows with #Auditd, #SysMon for Linux, and native Linux logging. #DFIR #LinuxForensics #SIEM #CSIRT
https://t.co/uukC9K0Ct2
Open Directory Search Tool. A simple online tool that generates queries to Google to search for audio, video, ebooks and archives in open directories on different servers. https://t.co/MF2LvAmavO Tip by @DarkWebInformer. Similar tool: https://t.co/XI5kRH2y7n
Took a short FOR518 study break to: 1) Recover from a catastrophic OS drive failure (min. data loss, yay.) 2) Explore Christian Peter's UFADE for Windows https://t.co/kv4MyJYG31 Here, I'm combining iMazing to pair a supervised iOS device to a Windows mach. to take screenshots.
If you need to process PDF documents (crop, merge, split, convert, read metadata, etc) but don't want to upload them to third-party online services, you can: 1. Use command line tools (see comments). 2. Use self-hosted PDF services such as Stirling PDF. https://t.co/D7u9JjbZSF
A list of more than 15 reverse image search tools can be found in the LinkedIn group of my old mates - OSINT Experts & Resources, by UserSearch
https://t.co/f6PBoTZ25J Reverse images/face images search tool. Search duplicates and similar images. Filter results by domains and keywords. Tip by @HolismVision
#osint #socmint
In case you missed my big news in today’s workshop… I will be re-running Ranges events for ALL of my previous @sansforensics #GettingStartedinDFIR #DFIR workshops, so all 6 workshops will be live from 13:00 EDT on Aug 13th to midnight on Aug 21st in the run up to the #DFIRSummit
10 Free OSINT tools for Beginners and Pros, by @wondersmith_rae. An overview of 10 widely known and very useful tools that everyone involved in OSINT should know about (but I'm sure you already know at least 7-8 of them). https://t.co/4U2398ge1q