4n6ir.com
GitHub Organization
Forensic Incident Response
by James Habben & John Lukach
Route53 Public Host Zone Pattern
Privileged Account Identification
Validating GitHub Webhooks with Python
GitHub OpenID with AWS CDK
Serverless Forensic Imager
Getting Started - AWS Cloud Development Kit
Snapshot 4n6ir Imager Initial Release
Processing Progress in Axiom
NTFS Object IDs in EnCase - Part 3
NTFS Object IDs in X-Ways
NTFS Object IDs in EnCase - Part 2
NTFS Object IDs in EnCase
Parsing CFBundleURLSchemes from MacOS Apps
Show and Search for Owner ID in X-Ways
Show and Search for NTFS Owner in EnCase
Show Your Timezone in X-Ways
Show Your Timezone in EnCase
Living with a Credit Freeze
Reputations and PCI Data Breaches
Evolve Version 1.6
Malicious USB Devices
Skills and Knowledge for InfoSec
Infosec Jobs
Compile Time Analysis of NotPetya
Soft Skills: Respect
Fileless Application Whitelist Bypass and Powershell Obfuscation
Layers Are Important
Soft Skills: Be Present
Real Self Improvement
CCM_RecentlyUsedApps Update on Unicode Strings
Windows Prefetch: Tech Details of New Research in Section A & B
Windows Prefetch: Overview of New Research in Sections A & B
BsidesSLC Experience and Offer to Help
CCM_RecentlyUsedApps Properties Forensics
Secret Archives of Execution Evidence: CCM_RecentlyUsedApps
BSides Los Angeles - Experience and Slides
Windows Elevated Programs with Mapped Network Drives
GUIs are Hard - Python to the Rescue - Part 1
Reporting: Benefits of Peer Reviews
Report Rapport
Building Python Packages, By a Novice
Blocks in Practical Use
Block Hunting
Unified We Stand
Say Uncle
Crashing into a Hint
I Got This!
Analyzing IEaaS in Windows 8