I had been planning to attend the DFIR Summit for the last two years, and now I am in Austin for it. As part of the DFIR Summit I am attending Forensics NetWars. Forensics NetWars is a fun practice that helps you remember the forensics knowledge you may forget and learn some new tricks. The best thing is that if you screw up, that’s okay. You cannot damage anything but your NetWars score…
I remembered the power of the stat command when it comes to MAC times. I also found a new tool called Fred for analyzing the registry. I also remembered that the -iname option will ignore case when you use it in the “find” command.
I am planning to write about how to install and use Fred this week.