Hadar YudovichinDFIR DudesKAPEing for fun and profitSince everyone in the DFIR is talking about Eric Zimmerman’s KAPE, I wanted to have a look at it too.4 min read·Apr 5, 2019----
Hadar YudovichinDFIR DudesMac Forensics — No One Said It Would Be EasyIt all started when I wanted to learn something new. I was looking for something to read and do, and then I saw David Cowen’s Sunday…5 min read·Mar 19, 2019----
Hadar YudovichinDFIR DudesStartupInfo: Autoruns served up on a plateTwo weeks ago I found a useful piece of forensic evidence on startup processes. The evidence is an XML formatted file called…4 min read·Jul 19, 2018--1--1