On Thursday, March 24, 2011, I will be presenting the tech segment on Episode 236 of PaulDotCom Security Weekly. The segment will cover the use of NTFS MFT timeline forensics in the static analysis of malware. This is a geekier version of my NAISG BOS presentation back in January and will cover some additional tools and techniques. The podcast begins around 8:00 PM and a live feed is available at http://www.pauldotcom.com/live. So if you are around, kick back with a beer, cigar, and listen live! I am looking forward to it.
Updated March 24, 2011 3:30 PM
As part of the tech segment this evening, Mark McKinnon of RedWolf Computer Forensics has released the Windows beta of mft_parser, which supports $MFT $SI and $FN bodyfile output from both the CLI and GUI. Big thanks to Mark from the Incident Response and Forensics community.