Distributed Evidence Collection and Analysis with Velociraptor - SANS DFIR Summit 2019

Distributed Evidence Collection and Analysis with Velociraptor: Fast, Surgical, at Scale...and Free!

Having the ability to rapidly collect and examine artifacts across a network is a game changer for ...
Emails on a cloud email server are often just as vulnerable to...
The AmCache is an artifact that stores metadata related to PE execution...
Up until August 2013, a complete Windows memory analysis only required...
In this presentation, we will share how the Verizon Media Paranoids use...
Vehicle forensics is still a niche investigative area. It can be...
Wouldn’t it be nice if there were a Windows shellbags equivalent for...
There are many reasons to write forensics tools, from making it open...
Jumping almost blindly into a compromised network can be challenging...
More Information: http://www.sans.org/u/QEc Summit Dates: July...
The macOS Spotlight desktop search system contains an index of metadata...