The kind folks at SecTor just posted the videos from SecTor 2010! ALSO, there is a link there for the videos from 2009.
If you have not had a chance to see either of the Sniper Forensics talks, now is your chance to download the videos or the slide decks!
Looks like they have a video for every single one but yours, unless I'm missing something. They have your pdf, but no icon for the video.
ReplyDeleteNo video, dude...whassup?
ReplyDeleteThey still don't have your video up, but hopefully will soon. I watched your 2009 video tonight and learned a lot from it. I think the idea of Sniper Forensics makes all the sense in the world. I look forward to the 2010 video.
ReplyDeleteAlso, I'd love to see another book from you sometime. Unix and Linux Forensic Analysis is excellent.
KP
Great preso.
ReplyDeleteI have a question about your use of regripper (Trigger Squeeze slide) I see your SAM file is inside the "CLIENT X" directory, but your ripped folder is not. Is this a typo or intentional?
I have a file called "C:\Cases" in which I put a new subdirectory for each client. In this new directory, I create the directories, "registry", "ripped", "timeline", and "malware". So if my slides don't reflect that, than it's a typo. I will review my slides and fix it.
ReplyDeleteThanks!
ReplyDeleteDo you also keep your DDs/images in this same directory or do you keep them separate from the "Cases" Its just semantics, but looking for your thought.
No...images are separate...usually on an external drive.
ReplyDelete