Share

Chewing the FAT

Decrypting the world of Digital Forensics for the enjoyment of all

Chewing the FAT is a Digital Forensics and Cyber Investigations video podcast written and presented by Firmsky (Adam Firman) and Cobbers (Phil Cobley) where they discuss and explore past or future developments impacting
Latest Episode4/26/2022

Episode 12

Season 1, Ep. 12
In the final episode of Chewing the FAT, Phil & Adam discuss bringing Chewing the FAT to a close, plus we run through some of the recent Digital Forensics industry news. Phil & Adam also introduce their new podcast Forensics Reformatted where you can continue to be conscious of time.SANS - Truth about USB and Disk Drive serial numbers https://www.sans.org/blog/the-truth-about-usb-device-serial-numbers/   Github - DFIR Community Book https://github.com/Digital-Forensics-Discord-Server/CrowdsourcedDFIRBook/   Github - Control-F - MIFT (newly open sourced tool) https://github.com/controlf/mift   New(ish) Command Line tools for Linux https://jvns.ca/blog/2022/04/12/a-list-of-new-ish--command-line-tools/ Examining A Malware-Infected Android Phone. This Android Is Not Alright. https://thebinaryhick.blog/2022/04/09/examining-a-malware-infected-android-phone-this-android-is-not-alright/   The Unified Cyber Ontology Transitions to Linux Foundation https://cyberdomainontology.org/2021/12/07/UCO-transitions-to-LF.html  Magnet Summit 2022 https://twitter.com/hashtag/MagnetSummit2022?src=hashtag_click   [Air]Tag You're It! - Chris Vance @cScottVance https://blog.d204n6.com/2022/04/airtag-youre-it.html   GalliumOS - A fast and lightweight Linux distro for ChromeOS devices https://galliumos.org   What's the Buzz - Bumble on iOS - Kevin Pagano https://www.stark4n6.com/2022/04/whats-buzz-bumble-on-ios.html CWA:Article link https://www.cencenelec.eu/news-and-events/news/2022/eninthespotlight/2022-04-12-for-mobile/  Download link https://www.cencenelec.eu/media/CEN-CENELEC/CWAs/RI/cwa17865_2022.pdf Forensics Reformatted - The new show:https://anchor.fm/4n6reformatted
4/26/2022

Episode 12

Season 1, Ep. 12
In the final episode of Chewing the FAT, Phil & Adam discuss bringing Chewing the FAT to a close, plus we run through some of the recent Digital Forensics industry news. Phil & Adam also introduce their new podcast Forensics Reformatted where you can continue to be conscious of time.SANS - Truth about USB and Disk Drive serial numbers https://www.sans.org/blog/the-truth-about-usb-device-serial-numbers/   Github - DFIR Community Book https://github.com/Digital-Forensics-Discord-Server/CrowdsourcedDFIRBook/   Github - Control-F - MIFT (newly open sourced tool) https://github.com/controlf/mift   New(ish) Command Line tools for Linux https://jvns.ca/blog/2022/04/12/a-list-of-new-ish--command-line-tools/ Examining A Malware-Infected Android Phone. This Android Is Not Alright. https://thebinaryhick.blog/2022/04/09/examining-a-malware-infected-android-phone-this-android-is-not-alright/   The Unified Cyber Ontology Transitions to Linux Foundation https://cyberdomainontology.org/2021/12/07/UCO-transitions-to-LF.html  Magnet Summit 2022 https://twitter.com/hashtag/MagnetSummit2022?src=hashtag_click   [Air]Tag You're It! - Chris Vance @cScottVance https://blog.d204n6.com/2022/04/airtag-youre-it.html   GalliumOS - A fast and lightweight Linux distro for ChromeOS devices https://galliumos.org   What's the Buzz - Bumble on iOS - Kevin Pagano https://www.stark4n6.com/2022/04/whats-buzz-bumble-on-ios.html CWA:Article link https://www.cencenelec.eu/news-and-events/news/2022/eninthespotlight/2022-04-12-for-mobile/  Download link https://www.cencenelec.eu/media/CEN-CENELEC/CWAs/RI/cwa17865_2022.pdf Forensics Reformatted - The new show:https://anchor.fm/4n6reformatted
2/4/2022

Episode 9

Season 1, Ep. 9
In episode number 9 of Chewing the FAT, Phil & Adam discuss ribbons, RabbitHoles and rock with special guest Alex Caithness plus we run through some of the recent Digital Forensics industry news along with the Faux Pas.Alex Caithness:Shouty Band Sailing Stones | LongFallBoots (bandcamp.com)RabbitHole:RabbitHole | CCL Solutions GroupCCL GitHub:https://github.com/cclgroupltdMusic:Oscillator Sink - YouTubeINDUSTRY NEWS:Microsoft Mitigate Record Breaking 3.47 Tbps DDoS on Azure Customers:https://thehackernews.com/2022/01/microsoft-mitigated-record-breaking-347.htmlUsing Graphics Card Fingerprints to Identify Web Users:https://thehackernews.com/2022/01/your-graphics-card-fingerprint-can-be.htmlDFIR Artifact Museum - Andrew Rathbun Github:https://github.com/AndrewRathbun/DFIRArtifactMuseumAndroid ABX - Binary XML - Alex Caithness (with Alexis Brignoni and Josh Hickman):https://www.cclsolutionsgroup.com/post/android-abx-binary-xmlAndroid 12 - Snooping on Android 12's Privacy Dashboard - Josh Hickman:https://thebinaryhick.blog/2022/01/22/snooping-on-android-12s-privacy-dashboard/Android Airtags - Josh Hickman:https://thebinaryhick.blog/2022/01/08/androids-airtags-oof/FireFox on Android - Kevin Pagano:https://www.stark4n6.com/2022/01/firefox-on-android-cookies-permissions.htmlIntro to Windows Registry Artifact Analysis - TryHackMe Walkthrough - TryHackMe (Joshua James - DFIR Science):https://tryhackme.com/room/windowsforensics1Decrypting Secret Calculator Vault - The Incidental Chew Toy:https://theincidentalchewtoy.wordpress.com/2022/01/27/decrypting-secret-calculator-photo-vault/Please see YouTube for all other links:
12/21/2021

Episode 8

Season 1, Ep. 8
In episode number 8 of Chewing the FAT, Phil & Adam discuss turning up and following through with special guest Andrew Rathbun plus we run through some of the recent Digital Forensics industry news along with the Faux Pas.Featured topics:Andrew Rathbun section:Connect with me:https://twitter.com/bunsofwrath12https://www.linkedin.com/in/andrewrathbun/Digital Forensics Discord Serverhttps://aboutdfir.com/a-beginners-guide-to-the-digital-forensics-discord-server/AboutDFIRhttps://aboutdfir.comAndrew’s Current GitHub Projects:https://github.com/AndrewRathbun/VanillaWindowsRegistryHiveshttps://github.com/AndrewRathbun/VanillaWindowsReferencehttps://github.com/nasbench/EVTX-ETW-Resourceshttps://github.com/AndrewRathbun/DFIRRegexhttps://github.com/AndrewRathbun/DFIRMindMapshttps://github.com/AndrewRathbun/DirectoryOpus-DFIRConfighttps://github.com/AndrewRathbun/EventTranscript.db-ResearchKAPE Related GitHub Repositories:https://github.com/AndrewRathbun/Awesome-KAPEhttps://github.com/AndrewRathbun/KAPE-EZToolsAncillaryUpdaterhttps://github.com/EricZimmerman/KapeFileshttps://github.com/EricZimmerman/SQLECmdhttps://github.com/EricZimmerman/evtxhttps://github.com/EricZimmerman/RECmdhttps://github.com/AndrewRathbun/ForensicImageKAPEOutputDigital Forensics Discord Server GitHub Repositories:https://github.com/Digital-Forensics-Discord-Server/GitHubLearningPlaygroundhttps://github.com/Digital-Forensics-Discord-Server/LawEnforcementResourceshttps://github.com/Digital-Forensics-Discord-Server/DFIRGlossary-----------------------------Open Source Digital Forensic Conference:https://www.osdfcon.org/Using ArtEx to conduct an extraction of a jailbroken iPhone - Ian Whiffin:https://doubleblak.com/blogPosts.php?id=26Log4j - Rob Berends:https://www.linkedin.com/feed/update/urn:li:activity:6876120706095058944Log4j:https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.htmlSANS Cyber Threat Intelligence Conference:Join us for the FREE Virtual Cyber Threat Intelligence Summit 2022!Logo-ls A new GitHub repo that combines the Linux LS CMD with logos and icons:https://github.com/Yash-Handa/logo-ls?utm_source=tldrnewsletterJosh Hickman, The Binary Hick - Android 12 Image:https://thebinaryhick.blog/2021/12/17/android-12-image-now-available/Kevin Pagano - Stark4N6 - Forensic4Cast Nominations:https://www.stark4n6.com/2021/12/my-2022-forensic-4cast-awards.htmlForensic4Cast Nomination Page:https://docs.google.com/forms/d/e/1FAIpQLScX-pt0uo9_0GUv-AG-ty7Ya8bZzdRlW8-eP3oABHCsSCQrGQ/viewformFORMOBILE:https://formobile-project.eu/
10/28/2021

Episode 6

Season 1, Ep. 6
In the sixth episode of Chewing the FAT, Phil & Adam host special guest Alexis Brignoni l to discuss Coding, Community, & Collaborations plus we run through some of the recent Digital Forensics industry news along with the Faux Pas.Digital Evidence & the Crime ScenePaper by Graeme Horsman, exploring the concept of devices being "Digital witnesses", & methodologies & theories regarding scene examination.https://reader.elsevier.com/reader/sd/pii/S1355030621001295?token=FC1BB7A6B9AD84CDC4B95A9700B00F080FB2220C608BA7EAFB46FA280387E70EC79D7B05C0F9C42CF5D0D370218EAFAC&originRegion=eu-west-1&originCreation=20211013063720 Microsoft releases Linux version of Sysadminhttps://www.bleepingcomputer.com/news/microsoft/microsoft-releases-linux-version-of-the-windows-sysmon-tool/amp/ Samsung Power Off Reset Logs & iOS TrackingKevin Pagano, who produces the Start.me! While doing the Cellebrite CTF there was a question on Samsung phone battery life, & Kevin created a parser for ALEAPP to parse the power off log files.https://www.stark4n6.com/2021/10/samsung-power-off-reset-logs.html?m=1https://www.stark4n6.com/2021/10/restore-log-tracking-ios-update-history.html Encouraging different perspectives in Digital Forensicshttps://www.forensicfocus.com/articles/encouraging-different-perspectives-in-digital-forensics-september-research/ AFF4 Evidential Containers - explained by Magnethttps://www.forensicfocus.com/webinars/the-aff4-evidence-container-why-and-whats-next/ Recognizing people in photos through private on-device machine learning - Applehttps://machinelearning.apple.com/research/recognizing-people-photos Brignoni on Teaching and Learning Python https://www.forensicfocus.com/podcast/alexis-brignoni-on-teaching-and-learning-python-why-its-important-and-whats-involved/ Brignoni Blog & YouTubehttps://abrignoni.blogspot.comhttps://www.youtube.com/c/AlexisBrignoni