How to Have that Awkward Conversation
Hello again readers!! Today's post is the first (but most certainly not the last) "guest post" in which friends and colleagues can share their experiences and insights and give alternate perspectives...
Gardening, cyber security, and YOU!
Hello again readers! We spent the first week of July on vacation in North Carolina and then I spent a few days last week at the SANS DFIR Summit in Austin. I was going to write a small recap of the...
...at long last, updates to the Live Response Collection!!
Hello again readers! I am happy to announce, after many long months in development (and due to a pretty busy six months, about six months later than I had originally planned) an updated version of the...
Publicly announcing buatapa!!
Hello again readers and welcome back! Today's blog post is going to cover a small script that I developed called "buatapa". This was meant to be released several months ago, but steady case work has...
Introducing Windows Live Response Collection modules...and how to write your...
Hello again readers and welcome back. Today I am very happy to announce the public release of the latest round of updates to the Live Response Collection. This release focuses on the "modules" that I...
Putting a wrap on October
Hello again readers and welcome back! For us, October consisted of a lot of traveling giving presentations about the Live Response Collection at BSides Raleigh, Anne Arundel Community College,...
Updates (and a new feature!) to buatapa
Hello again readers and welcome back! Today we are pleased to announce the release of a new version of buatapa, updating from version 0.0.5 to 0.0.6. The changes are going to be mostly transparent for...
Cyber Security Snake Oil
Hello again readers and welcome back! Today's blog post is going to cover an instance, which unfortunately occurs WAY too often in the cyber-security realm, especially on the topic of "threat...
Live Response Collection - Allosaurus
Hello readers and welcome back! Today we are proud to announce the newest round of updates to the Live Response Collection, specifically with a focus on some new features on the OSX side! Improved OSX...
Very quick blog post on "squiblydoo"
Hello again readers, it has been busy over here for the past few months, but over the past few days there has been some really interesting research done by Casey Smith (@subTee) regarding COM+ objects,...
Public release of "allyourpebblearebelongtous" Perl script
Hello again readers and welcome back! This blog post is going to be fairly short, as the primary purpose is to publicly announce a new script, cleverly titled "allyourpebblearebelongtous.pl". This Perl...
Public release of "allyouruarecordarebelongtous" Perl script
Hello again readers and welcome back! This blog post is going to be short, as the primary purpose is to publicly announce a new script, cleverly titled "allyouruarecordrebelongtous.pl", which was in my...
Live Response Collection - Bambiraptor
Good news everyone!! After a fairly busy year, the past few weeks I have finally had enough down time to work on adding some long overdue, and hopefully highly anticipated, features to the Live...
How to load a SQL .bak file for analysis, without SQL Server previously...
Hello again readers and welcome back! I hope that this new year has been treating you well so far! I recently worked a case with an interesting twist that I never had to deal with before, so I figured...
A Brief Recap of the SANS DFIR Summit
Hello again readers and welcome back!! I had the pleasure of attending (and speaking at, more on that in a bit!) the 10th SANS DFIR Summit this past week. It is one conference that I always try to...
Amazon Alexa Forensic Walkthrough Guide
Hello again readers and welcome back! We are working on wrapping up 2017 here at BriMor Labs, as this was a very productive and busy year. One of the things that Jessica and I have been meaning to put...
Several minor updates to buatapa!
Hello again readers and welcome back! I am pleased to announce that today there is a brand new, updated version of buatapa! Over the past several months I've had requests for better in script feedback...
Fishing for work is almost as bad as phishing (for anything)
Hello again readers and welcome back! The topic of today's blog post is something that we posted on a few years back, but unfortunately it’s worth repeating again. Companies (both large and small) who...
Who's Down With PTP?
Hello again readers and welcome back! Today's blog post covers a series of (unfortunate) events that I had to work through in order to acquire data from an LG Aristo phone. These methods might also...
Let's Talk About Kext
Hello again readers and welcome back! Today's blog post is going to cover some of the interesting things I found poking around MacOS while developing updates to the Live Response Collection. First off,...
Live Response Collection Development Roadmap for 2018
Hello again readers and welcome back! It's been a little while ...OK, a long while... since I've made updates to the Live Response Collection. Rest assured for those of you who have used, and continue...
Skype Hype/Gripe
Hello again readers and welcome back! Based off the title of this blog post, I am pretty sure that you already know that we will be covering Skype in this post. As with any good story, it is best to...
Live Response Collection - Cedarpelta
Hello again readers and welcome back!! Today I would like to announce the public release of updates to the Live Response Collection (LRC), which is named "Cedarpelta". This may come as a surprise to...
Phinally Using Photoshop to Phacilitate Phorensic Analysis
Hello again readers, and welcome back! Today's blog post is going to cover the process that I personally use to rearrange and correlate RDP Bitmap Cache data in Photoshop. Yes, I am aware that some of...
Small Cedarpelta Update
Good morning readers and welcome back! This is going to be a very short blog post to inform everyone that a very minor update to the Cedarpelta version of the Live Response Collection has been...