New Tool! (Sort of). WinFE 10
I would say that WinFE 10 can be considered a new forensic tool because it now runs in ARM. If you have dealt with an ARM device, you are probably excited to hear this. If you haven’t dealt with an ARM device yet, the second you get one, you will flashback to this post about WinFE 10.
Colin Ramsden, of WinFE Write Protect Tool fame, further developed WinFE into WinFE with a new build and build method. You can now build and use WinFE to capture, image, and examine evidence from Windows (x86 ,x64, ARM ), MacOS (x86, x64), and Linux (x86, x64, ARM ). This is really cool.
As far as getting some real, documented training in WinFE, with something you can put in your CV, consider taking my online course and use a 60% promotion (expires Jan 31).
More about WinFE here: https://www.dfir.training/dfir-training-blog/winfe10 .
A different kind of review coming up with a giveaway
I am reviewing Latent Wireless this month. This is a law enforcement only tool, and certainly a tool that I would like to see in every patrol car, in every department (or at least in some percentage of patrol cars). Think of Latent as “Lojack” for stolen electronic devices. That’s pretty cool. Actually, it’s really cool. As far as the giveaway goes, the details will be forthcoming, but it will be law enforcement only. If you work in law enforcement, be sure to enter in the drawing for your department.
Ye ‘ol DFIR Bookshare Challenge Restarts!
I have one book, in hand to give out this month (been tardy in getting this one done…but just finished reading it), and happily surprised to have been contacted by another DFIR author who just finished writing his book. I’ll be getting a signed copy of the book to read (and for me to sign), and then give away to someone in the DFIR Bookshare Challenge. If you don’t know what the DFIR Bookshare Challenge is, take a look at a blog that I wrote not too long ago: https://www.dfir.training/dfir-training-categories-k2/item/160-free-dfir-books . On the same note, if you wrote a DFIR book, I really would like to give it away in the DFIR Bookshare Challenge. If you are interested, let me know and I’ll order a book to send you, or if you have a review copy, I’d gladly take it!
DFIR Training Events
You may have noticed that DFIR training list has grown! There’s a reason for that: DFIR Training gets lots of traffic and providers are beginning to list their events. About the stats, Google Analytics says it's a little over 500,000 monthly hits but AWStats says over a million . So, there is somewhere between a half million and one million hits a month to the site.
But seriously, the events are growing, and I encourage any training vendor to have their courses listed for maximum visibility. Take a look here at the events and try out the sorting feature: https://www.dfir.training/calendar . The website is “DFIR Training” afterall…
A new page of the downloads on DFIR Training is at https://www.dfir.training/all-downloads . Simple way to find where you can download DFIR stuff, all on my page. More stuff is always being added because there is just so much DFIR stuff out there!