Healthy Paranoia Show 14: Digital Forensics and Incident Response with Andrew Case


Get ready for another nerdilicious episode of Healthy Paranoia featuring Andrew Case, digital forensics researcher and a core developer for the Volatility Framework. Liam Randall joins Mrs. Y. as they discuss topics such as:

  • The difference between forensics and incident response.
  • Malware analysis vs. reverse engineering.
  • Why you should treat a compromised system like a leper flesh-eating zombie.*

UPDATE: Andrew Case was just named “Digital Forensics Examiner of the Year” at this year’s Forensics 4cast Awards.

Show Notes:

You Can't Hide From Memory

Forensicswiki.org

Sleuth Kit and Autopsy

Chaos Communication Congress

RegRipper by Harlan Carvey

Brian Carrier

Registry Decoder

Remnux

Kali Linux (because Backtrack is so last year)

Windows Forensics email list

Volatility Labs Memory Forensics Training

Defeating Windows Memory Forensics

Joanna Rutkowska

Malware Analysis: N00b to Ninja in 60 Minutes by Grecs

FTK – Forensic Toolkit

EnCase

Cuckoo Sandbox

F-Response

*Someone was offended by my use of the term leper, because technically, leprosy isn’t that infectious. Unless you happen to hang around gangs of armadillos.
