KAPE + EZ Tools and Beyond

Offered By: BasisTech via YouTube

Tags

Open Source Digital Forensics Conference (OSDFCon) Courses, Digital Forensics Courses

Course Description

Overview

Explore the latest advancements in open-source forensic tools and techniques in this conference talk from OSDFCon 2019. Delve into Eric Zimmerman's cutting-edge tools for analyzing event logs and NTFS files, including $MFT and $SDS. Learn about the new capability to extract artifacts from both active file systems and volume shadow copies. Discover KAPE's powerful features for rapid data collection and processing, using both EZ tools and other command-line tools. Gain insight into KAPE's architecture and configurations, and learn how to create custom targets and modules that extend its functionality for specific investigative needs. Understand the concept of toolchains in digital forensics and incident response (DFIR) and explore practical examples of their implementation. Address scalability concerns and get answers to common questions about these forensic tools and methodologies.

Syllabus

Intro
Review: Architecture
Some new(ish) stuff
Why maps?
Not just dead box files!
The problem
The requirements
The solution: KAPE!
Why KAPE?
What is a toolchain?
Toolchain creation (Think 'DFIR')
Some tool chain examples
Collect only, save to container
Yea, but does it scale?
Questions?


Taught by

BasisTech
