Thanks Mr. Richard for another great video. Could you try and review the Remote acquisition or "network collect" functions? I'm very interested in those capabilities.
Thanks. I would consider bringing in some experts to present such content, but mobile forensics is not my area of expertise. Thus far, the channel only has one episode covering that topic, which is specifically for iOS/iPadOS devices.
@@13Cubed we really love the effort put into sharing knowledge for everyone sir. And if possible please make a video on career guide and pathway to DFIR field. Thank u sir :)
Most of the volatility profiles for servers are just aliases that map back to a corresponding desktop version if there are no changes. Ie 2019 is win10 etc.
Thanks for the content. I hope I'm not repeating previous requests or that this is an obvious answer, but do you have any recommendations on free resources to practice data forensics/Incident Response on?
Another great video thanks!! I tried processing a .raw memory file that I acquired using Magnet's free RAM capture software but Cyber Triage did not seem to like it at all. I was able to process it using Volatility3... have you had any issues like this?
I'm going to give it another go but within the "choose memory image" dialog box .raw doesn't seem to be a supported file type which I assume is the issue for me.
Hi Sir, This is indeed very helpful. Can you point me to any online resources where we can download free memory and disk samples? I am just starting out in forensics and would love to get my hands on some really interesting memory/disk samples. I know you already uploaded one memory sample as part of your videos, but wondering if there are more out there. thanks again.
I have two memory samples on my channel associated with "Pulling Threads" and "Mini Memory CTF". Otherwise, check out this page for more resources: www.dfir.training/dfir-training-blog/forensic-test-images-2
Thanks Mr. Richard for another great video. Could you try and review the Remote acquisition or "network collect" functions? I'm very interested in those capabilities.
It's a bit harder to lab up, but if there is a decent amount of interest I will consider doing so.
Thanks for this amazing video 🙂😍
hey... This is one great demo!! Are there any more such tools or this is only one such in market?
Maybe Magnet AXIOM?
Videos are amazing and I really loved the channel. Sir can we have some videos on Smart Phone forensics which covers the Android platform mostly?
Thanks. I would consider bringing in some experts to present such content, but mobile forensics is not my area of expertise. Thus far, the channel only has one episode covering that topic, which is specifically for iOS/iPadOS devices.
@@13Cubed we really love the effort put into sharing knowledge for everyone sir. And if possible please make a video on career guide and pathway to DFIR field. Thank u sir :)
@@mahesh3960 Good idea - thanks!
Thanks for the video
Are there volatility profiles for windows servers?
Most of the volatility profiles for servers are just aliases that map back to a corresponding desktop version if there are no changes. Ie 2019 is win10 etc.
Need to try the light version that is free as the developer is same person behind Autopsy
Thank you!
Thanks for the content. I hope I'm not repeating previous requests or that this is an obvious answer, but do you have any recommendations on free resources to practice data forensics/Incident Response on?
SANS has a ton of free resources. Check out their RUclips channel and website.
Another great video thanks!! I tried processing a .raw memory file that I acquired using Magnet's free RAM capture software but Cyber Triage did not seem to like it at all.
I was able to process it using Volatility3... have you had any issues like this?
Interesting, no I have not. In fact I used that same tool to create a memory capture and then used Cyber Triage to analyze it without any issues.
I'm going to give it another go but within the "choose memory image" dialog box .raw doesn't seem to be a supported file type which I assume is the issue for me.
David MACFARLANE Just change the extension to .mem and try again.
@@13Cubed Sorry about that. We just added ".raw" to our list of types in the file picker for the next release.
Thanks.
Hi Sir,
This is indeed very helpful. Can you point me to any online resources where we can download free memory and disk samples? I am just starting out in forensics and would love to get my hands on some really interesting memory/disk samples. I know you already uploaded one memory sample as part of your videos, but wondering if there are more out there.
thanks again.
I have two memory samples on my channel associated with "Pulling Threads" and "Mini Memory CTF". Otherwise, check out this page for more resources: www.dfir.training/dfir-training-blog/forensic-test-images-2
@@13Cubed thank you sir. This helps
what is the background music you used here?
It's called Green Space - Halcyon Lounge.
No more free version..
By the way great video, tnx4it!
Oh that's too bad -- I didn't realize the free version was no longer available. :(