Hadar Yudovich in DFIR Dudes
KAPEing for fun and profit
Since everyone in the DFIR is talking about Eric Zimmerman’s KAPE, I wanted to have a look at it too.
Apr 5, 2019

Hadar Yudovich in DFIR Dudes
Mac Forensics — No One Said It Would Be Easy
It all started when I wanted to learn something new. I was looking for something to read and do, and then I saw David Cowen’s Sunday…
Mar 19, 2019

Hadar Yudovich in DFIR Dudes
StartupInfo: Autoruns served up on a plate
Two weeks ago I found a useful piece of forensic evidence on startup processes. The evidence is an XML formatted file called…
Jul 19, 2018