Share
Chewing the FAT
Episode 7
In the seventh episode of Chewing the FAT, Phil & Adam discuss Mental Health and Working within Digital Forensics plus we run through some of the recent Digital Forensics industry news along with the Faux Pas.
Featured topics:
Sarah Edwards - Apple Pay & Wallet:
https://objectivebythesea.com/v4/talks/OBTS_v4_sEdwards.pdf
Josh Hickman iOS 15 Powered off tracking and remote wipe & XML Binary findings:
https://thebinaryhick.blog/2021/10/27/ios-15-powered-off-tracking-remote-bombs/
https://twitter.com/josh_hickman1/status/1456730376030859265
Ian Whiffin - Geofences & Metadata Adjustment:
https://www.doubleblak.com/m/blogPosts.php?id=22
https://www.doubleblak.com/m/blogPosts.php?id=23
Frida & Use case by Christine Fossaceca:
https://objectivebythesea.com/v4/talks/OBTS_v4_cFossaceca.pdf
https://frida.re
DFIR Science - Joshua James:
https://dfir.science/2021/11/WIN-100USD-and-PRIZES-Nov-DFIR-Dev.html
https://www.youtube.com/watch?v=mM4rbFh4rqg&feature=youtu.be
https://swag.dfir.science/listing/DFIR-Stickers-IDFE?product=661
iOS 15 Notes:
https://support.apple.com/en-gb/guide/iphone/iphe4d04f674/ios
Alex Caithness at CCL:
https://github.com/cclgroupltd
Alexis Brignoni - all the LEAPPs
https://abrignoni.blogspot.com/
R:pple Suicide Prevention:
https://www.ripplesuicideprevention.com/
FORMOBILE:
https://formobile-project.eu/
More episodes
View all episodes
12. Episode 12
45:22||Season 1, Ep. 12In the final episode of Chewing the FAT, Phil & Adam discuss bringing Chewing the FAT to a close, plus we run through some of the recent Digital Forensics industry news. Phil & Adam also introduce their new podcast Forensics Reformatted where you can continue to be conscious of time.SANS - Truth about USB and Disk Drive serial numbers https://www.sans.org/blog/the-truth-about-usb-device-serial-numbers/ Github - DFIR Community Book https://github.com/Digital-Forensics-Discord-Server/CrowdsourcedDFIRBook/ Github - Control-F - MIFT (newly open sourced tool) https://github.com/controlf/mift New(ish) Command Line tools for Linux https://jvns.ca/blog/2022/04/12/a-list-of-new-ish--command-line-tools/ Examining A Malware-Infected Android Phone. This Android Is Not Alright. https://thebinaryhick.blog/2022/04/09/examining-a-malware-infected-android-phone-this-android-is-not-alright/ The Unified Cyber Ontology Transitions to Linux Foundation https://cyberdomainontology.org/2021/12/07/UCO-transitions-to-LF.html Magnet Summit 2022 https://twitter.com/hashtag/MagnetSummit2022?src=hashtag_click [Air]Tag You're It! - Chris Vance @cScottVance https://blog.d204n6.com/2022/04/airtag-youre-it.html GalliumOS - A fast and lightweight Linux distro for ChromeOS devices https://galliumos.org What's the Buzz - Bumble on iOS - Kevin Pagano https://www.stark4n6.com/2022/04/whats-buzz-bumble-on-ios.html CWA:Article link https://www.cencenelec.eu/news-and-events/news/2022/eninthespotlight/2022-04-12-for-mobile/ Download link https://www.cencenelec.eu/media/CEN-CENELEC/CWAs/RI/cwa17865_2022.pdf Forensics Reformatted - The new show:https://anchor.fm/4n6reformatted11. Episode 11
01:25:40||Season 1, Ep. 11In episode number 11 of Chewing the FAT, Phil & Adam discuss Finding Flags and Pulling Pints with special guest Kevin Pagano! plus we run through some of the recent Digital Forensics industry news along with the Faux Pas.Due to the amount of news and links please view the description on our YouTube Page for full links:Chewing the FAT - YouTubeFormobile:https://formobile-project.eu/10. Episode 10
01:18:48||Season 1, Ep. 10In episode number 10 of Chewing the FAT, Phil & Adam discuss Formobile & Forensic Freebies with special guest Phil Cobley! plus we run through some of the recent Digital Forensics industry news along with the Faux Pas. Due to the amount of news and links please view the description on our YouTube Page for full links:Chewing the FAT - YouTubeFormobile:https://formobile-project.eu/9. Episode 9
01:13:22||Season 1, Ep. 9In episode number 9 of Chewing the FAT, Phil & Adam discuss ribbons, RabbitHoles and rock with special guest Alex Caithness plus we run through some of the recent Digital Forensics industry news along with the Faux Pas.Alex Caithness:Shouty Band Sailing Stones | LongFallBoots (bandcamp.com)RabbitHole:RabbitHole | CCL Solutions GroupCCL GitHub:https://github.com/cclgroupltdMusic:Oscillator Sink - YouTubeINDUSTRY NEWS:Microsoft Mitigate Record Breaking 3.47 Tbps DDoS on Azure Customers:https://thehackernews.com/2022/01/microsoft-mitigated-record-breaking-347.htmlUsing Graphics Card Fingerprints to Identify Web Users:https://thehackernews.com/2022/01/your-graphics-card-fingerprint-can-be.htmlDFIR Artifact Museum - Andrew Rathbun Github:https://github.com/AndrewRathbun/DFIRArtifactMuseumAndroid ABX - Binary XML - Alex Caithness (with Alexis Brignoni and Josh Hickman):https://www.cclsolutionsgroup.com/post/android-abx-binary-xmlAndroid 12 - Snooping on Android 12's Privacy Dashboard - Josh Hickman:https://thebinaryhick.blog/2022/01/22/snooping-on-android-12s-privacy-dashboard/Android Airtags - Josh Hickman:https://thebinaryhick.blog/2022/01/08/androids-airtags-oof/FireFox on Android - Kevin Pagano:https://www.stark4n6.com/2022/01/firefox-on-android-cookies-permissions.htmlIntro to Windows Registry Artifact Analysis - TryHackMe Walkthrough - TryHackMe (Joshua James - DFIR Science):https://tryhackme.com/room/windowsforensics1Decrypting Secret Calculator Vault - The Incidental Chew Toy:https://theincidentalchewtoy.wordpress.com/2022/01/27/decrypting-secret-calculator-photo-vault/Please see YouTube for all other links:8. Episode 8
01:30:05||Season 1, Ep. 8In episode number 8 of Chewing the FAT, Phil & Adam discuss turning up and following through with special guest Andrew Rathbun plus we run through some of the recent Digital Forensics industry news along with the Faux Pas.Featured topics:Andrew Rathbun section:Connect with me:https://twitter.com/bunsofwrath12https://www.linkedin.com/in/andrewrathbun/Digital Forensics Discord Serverhttps://aboutdfir.com/a-beginners-guide-to-the-digital-forensics-discord-server/AboutDFIRhttps://aboutdfir.comAndrew’s Current GitHub Projects:https://github.com/AndrewRathbun/VanillaWindowsRegistryHiveshttps://github.com/AndrewRathbun/VanillaWindowsReferencehttps://github.com/nasbench/EVTX-ETW-Resourceshttps://github.com/AndrewRathbun/DFIRRegexhttps://github.com/AndrewRathbun/DFIRMindMapshttps://github.com/AndrewRathbun/DirectoryOpus-DFIRConfighttps://github.com/AndrewRathbun/EventTranscript.db-ResearchKAPE Related GitHub Repositories:https://github.com/AndrewRathbun/Awesome-KAPEhttps://github.com/AndrewRathbun/KAPE-EZToolsAncillaryUpdaterhttps://github.com/EricZimmerman/KapeFileshttps://github.com/EricZimmerman/SQLECmdhttps://github.com/EricZimmerman/evtxhttps://github.com/EricZimmerman/RECmdhttps://github.com/AndrewRathbun/ForensicImageKAPEOutputDigital Forensics Discord Server GitHub Repositories:https://github.com/Digital-Forensics-Discord-Server/GitHubLearningPlaygroundhttps://github.com/Digital-Forensics-Discord-Server/LawEnforcementResourceshttps://github.com/Digital-Forensics-Discord-Server/DFIRGlossary-----------------------------Open Source Digital Forensic Conference:https://www.osdfcon.org/Using ArtEx to conduct an extraction of a jailbroken iPhone - Ian Whiffin:https://doubleblak.com/blogPosts.php?id=26Log4j - Rob Berends:https://www.linkedin.com/feed/update/urn:li:activity:6876120706095058944Log4j:https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.htmlSANS Cyber Threat Intelligence Conference:Join us for the FREE Virtual Cyber Threat Intelligence Summit 2022!Logo-ls A new GitHub repo that combines the Linux LS CMD with logos and icons:https://github.com/Yash-Handa/logo-ls?utm_source=tldrnewsletterJosh Hickman, The Binary Hick - Android 12 Image:https://thebinaryhick.blog/2021/12/17/android-12-image-now-available/Kevin Pagano - Stark4N6 - Forensic4Cast Nominations:https://www.stark4n6.com/2021/12/my-2022-forensic-4cast-awards.htmlForensic4Cast Nomination Page:https://docs.google.com/forms/d/e/1FAIpQLScX-pt0uo9_0GUv-AG-ty7Ya8bZzdRlW8-eP3oABHCsSCQrGQ/viewformFORMOBILE:https://formobile-project.eu/6. Episode 6
01:10:18||Season 1, Ep. 6In the sixth episode of Chewing the FAT, Phil & Adam host special guest Alexis Brignoni l to discuss Coding, Community, & Collaborations plus we run through some of the recent Digital Forensics industry news along with the Faux Pas.Digital Evidence & the Crime ScenePaper by Graeme Horsman, exploring the concept of devices being "Digital witnesses", & methodologies & theories regarding scene examination.https://reader.elsevier.com/reader/sd/pii/S1355030621001295?token=FC1BB7A6B9AD84CDC4B95A9700B00F080FB2220C608BA7EAFB46FA280387E70EC79D7B05C0F9C42CF5D0D370218EAFAC&originRegion=eu-west-1&originCreation=20211013063720 Microsoft releases Linux version of Sysadminhttps://www.bleepingcomputer.com/news/microsoft/microsoft-releases-linux-version-of-the-windows-sysmon-tool/amp/ Samsung Power Off Reset Logs & iOS TrackingKevin Pagano, who produces the Start.me! While doing the Cellebrite CTF there was a question on Samsung phone battery life, & Kevin created a parser for ALEAPP to parse the power off log files.https://www.stark4n6.com/2021/10/samsung-power-off-reset-logs.html?m=1https://www.stark4n6.com/2021/10/restore-log-tracking-ios-update-history.html Encouraging different perspectives in Digital Forensicshttps://www.forensicfocus.com/articles/encouraging-different-perspectives-in-digital-forensics-september-research/ AFF4 Evidential Containers - explained by Magnethttps://www.forensicfocus.com/webinars/the-aff4-evidence-container-why-and-whats-next/ Recognizing people in photos through private on-device machine learning - Applehttps://machinelearning.apple.com/research/recognizing-people-photos Brignoni on Teaching and Learning Python https://www.forensicfocus.com/podcast/alexis-brignoni-on-teaching-and-learning-python-why-its-important-and-whats-involved/ Brignoni Blog & YouTubehttps://abrignoni.blogspot.comhttps://www.youtube.com/c/AlexisBrignoni5. Episode 5
01:02:11||Season 1, Ep. 5In the fifth episode of Chewing the FAT, Phil and Adam host special guest Tom Farrell QPM l to discuss Online child safety and available automated protection systems plus we run through some of the recent Digital Forensics industry news. For the fifth Forensic Faux Pas segment to air, special guest Tom shares a great story of ensuring your spoof address is actually spoofed! Links for some of the content we discussed during the show:The Binary Hick - Josh Hickman - Detecting Android Factory Resethttps://thebinaryhick.blog/2021/08/19/wipeout-detecting-android-factory-resets/ProtonMail - iOS application decryption - Matthew Regneryhttps://xperylab.medium.com/protonmail-forensic-decryption-of-ios-app-8e9ae9f50953Apple delays plays to scan your iCloud - BBChttps://www.bbc.co.uk/news/technology-58433647.ampTom's response to Apples delay - SafeToNet https://safetonet.com/en-gb/2021/08/24/apple-continue-to-raise-eyebrows/ForMobileThis project has received funding from the European Union's Horizon 2020 - Research and Innovation Framework Programme, H2020-SU-SEC-2018, under grant agreement no. 832800.https://formobile-project.eu/4. Episode 4
01:14:34||Season 1, Ep. 4In the forth episode of Chewing the FAT, Phil and Adam host special guest Josh Hickman l to discuss Images, Imaging, and Inevitable Investigation Issues plus we run through some of the recent Digital Forensics industry news. For the forth Forensic Faux Pas segment to air, special guest Josh shares a great story of when he joined Kroll. Links for some of the content we discussed during the show: Forensics Start Me Page (DFIR Resource Links) by Kevin Pagano https://start.me/p/q6mw4Q/forensics Digital Forensic Research Workshop - CTF https://dfrws.org/dfrws-2021-challenge/ Windows 365 https://windowsreport.com/windows-365-high-demand/ Apple to scan iPhones for child sex abuse images https://www.bbc.co.uk/news/technology-58109748> https://www.apple.com/child-safety/ Josh Hickman Blog https://thebinaryhick.blog/Kroll & KAPEhttps://www.kroll.com/en/insights/publications/cyber/kroll-artifact-parser-extractor-kapeForMobileThis project has received funding from the European Union's Horizon 2020 - Research and Innovation Framework Programme, H2020-SU-SEC-2018, under grant agreement no. 832800.https://formobile-project.eu/