We’ve been seeing a lot of new blogs popping up recently, and I wanted to share parts of my recent Enfuse presentation on personal branding in the hopes of encouraging more people to follow suit (that and I’m still trying to post up once a month)
A couple weeks ago at Techno Security I saw a presentation about examining cloud storage applications such as Dropbox. Whilst the presentation was great, the main thing I noticed was that when the presenter selected a Zone Identifier ADS there was more than the usual ZoneID=3.
Finally decided to do a little bit more digging!
For background on Zone Identifiers, you can see the paper by Paul Sanderson here.
I got a question from a colleague a few weeks ago about a potential bug in ExifTool, a fantastic tool and library by Phil Harvey for parsing EXIF data. I had a few minutes this evening, so thought I’d share the digging
We made a couple of word documents, and ran them through ExifTool, to take a look at the ‘Word Count’ field, and later I recreated them at home.
A few weeks ago Dave Cowen did four nights in a row of Windows 10 testing and I finally got to watching through it all. (more…)
A couple weeks ago I competed in DFIR Netwars at SANS Sydney 2017. Our team did really well, leading most of the way and just losing in the last half hour. But overall, it was a great learning experience and I thought I’d share some things about it.
TLDR: This is a post about how I document my examinations. I create a word document with a brain dump of my findings which includes a narrative that allows me to read through it in a way that gets me back into the mindset I was in when I completed the examination.