Brett's Ramblings


Aren’t we neglecting something in DFIR?

The technical piece of DFIR is not difficult. If you know what you are looking for, and you know how to find it, the work is actually easy. I do not say this to mean that anyone off the street can do this work without training or education. I mean th...

Continue reading
  25175 Hits

The forensic process begins before processing forensics begins

I was asked an age-old question via a Twitter DM today: "Should I pull the plug or image live?" I thought this was a rhetorical or 'homework' question, because how would I know?  I gave a short answer of it depends on this and that, assuming tha...

Continue reading
  33591 Hits

When OSINT is turned into the Baseball Bat of Internet Mob Justice

We are of a curious mind, we the forensic examiners, private investigators, OSINT professionals, and journalists. Our work is for the public good, and we are skilled in the effective wielding of the most powerful weapon on the planet: INFORMATION! We...

Continue reading
  16218 Hits