Try Premium for 30 days

Live games for all NFL, MLB, NBA, & NHL teams
Commercial-Free Music
No Display Ads
The Forensic Lunch-logo

The Forensic Lunch

Technology News >

More Information


Dallas, TX






Forensic Lunch 5/19/17

The Forensic Lunch! This week we had: Cindy Murphy, @CindyMurph Matt Linton, @0xMatt Ryan Pittman no @ to be had talking about how music and forensics goes together and the impact of listening to music on solving technical issues. Also Matt and I talked about Enfuse as well as stupid shell item tricks.

Duration: 00:58:24

Forensic Lunch 4/28/17

Paul Shomo comes on to talk about Guidance Software's new Forensic Artifact Research Program where you can get $5,000 USD just for research you are already doing! Find out more here: Phil Hagen introduced the new SANS Network Forensics poster to be released later this month Matt Bromiley is talking about the Ken Johnson...

Duration: 00:58:06

Forensic Lunch 4-7-17

This week have: Ashley Hernandez from Guidance Software talking about Enfuse Nicole Ibrahim from G-C Partners talking about event tracing logs in Windows Lee Whitfield summing up the news of the week

Duration: 00:53:38

Forensic Lunch 3-24-17

This episode we catch up with Lee on the news and talk about current issues in DFIR.

Duration: 00:45:08

Forensic Lunch 3/10/17

This episode we talk vault 7 leaks with Lee Whitfield, what it means for DFIR and other news as well as DFIR database usage discussions and development updates with Matthew and I.

Duration: 00:57:05

Forensic Lunch 2-10-17

Michael Louis joins us to talk about how lawyers select and vet experts. Also talks about Toastmasters and how they teach good presentation skills and analogy creation through their program. Matt Bromiley is here to announce BBQ Con!

Duration: 01:00:59

Forensic Lunch 2-3-17

Ryan Benson is here to talk about updates to Hindsight, what he's been up to and his other tool SQUID. David Dym came on to talk about FAT32 removable storage and the things OSX does to it.

Duration: 01:01:36

Forensic Lunch 1-27-17

Lee Whitfield comes on to talk about the Forensic 4Cast awards which are now taking nominations. Jonathan Poling came on to talk about his new blog and his work at Secureworks

Duration: 01:04:20

Forensic Lunch 1-20-17

Friend of the show Eric Zimmerman is back to talk about updates to his tools and research

Duration: 00:58:50

Forensic Lunch 12-30-16

Davida and I talk about whats new in our research, tools and packages

Duration: 00:56:39

Forensic Lunch 11-4-16

Michael Gough talking with us about his tool LOG-MD and his work. We also go into SRUM again showing new data we can correlate within it.

Duration: 01:04:30

Forensic Lunch 10-28-16 Hibernation Recon

This episodes is all about Hibernation files and Mark Spencer's company Arsenal Consulting research into it that led to the creation of a new tool called Hibernation Recon.

Duration: 00:54:55

Forensic Lunch 10-26-16 Live from OSDFCon

Live broadcast from OSDF Con 2016 Talking about DCITA, Autopsy and the academic program that Mark McKinnon is running at Davenport. Sorry about the audio on this one, we had a bad upstream.

Duration: 00:26:40

Forensic Lunch 9 23 16

The forensic lunch! The twice a month live videocast/podcast all about #DFIR This episode we have: Bradley Schatz of Shatz Forensics and Evimetry, @blschatz, talking about his amazing new toolset Evimetry. Watch this first segment to learn more about AFF4, imaging bottlenecks and how his toolset can allow faster imaging locally, remotely and in cloud while doing a bunch of other really cool stuff! Learn more about his toolset here: Scott Wahlstrom of...

Duration: 01:16:45

Forensic Lunch 9-2-16

The Forensic Lunch! The videocast/livecast/podcast all about #DFIR! This week we have Eric Zimmerman talking about the work he did speed and scale testing Encase, FTK and X-ways. Also Matthew and I talking about our newest tool BitRocker which will expose which recovery keys will unlock a bitlocker encrypted volume. Get our newest tool BitRocker here: Read Eric's testing here:...

Duration: 01:02:20

Forensic Lunch 8-26-16

The Forensic Lunch! The twice a month live videocast/podcast all about #DFIR! This broadcast is all about running an isolated virtual network on Intels newest NUC, the Skull Canyon. Watch the video to see us demonstrate running 5 vms in an isolated virtual network on a small, fast and low powered portable system. You can get the Intel NUC Skull Canyon at amazon here: or at your local Microcenter or Fry's This is the M.2 NVME SSD...

Duration: 00:43:30


The Forensic Lunch! The twice a month live videocast/podcast all about #DFIR !\ This broadcast: Matt Bromiley, +Matt Bromiley talking about filters he has made for Elastic Handler and work Talking about the 1st Annual Defcon Forensic CTF Updates to EventMonkey to work with EVTXtract from Willi Ballenthin and bringing in descriptions and more! Download the Defcon Forensics CTF Here: The password to...

Duration: 01:01:20

Forensic Lunch 7/29/16

It's the Forensic Lunch! The twice a month live videocast/podcast all about DFIR This episode's guests: Phil Hagen Eric Zimmerman Links: - Twitter: @SOF_ELK - Config/code repo: - VM readme (w/ instructions and download link):

Duration: 00:57:45

Forensic Lunch 7/15/16

It's the Forensic Lunch! The twice monthly videocast/podcast just about #DFIR join us as we talk about whats new and what new things you can do! This broadcast we are taking the time to update you on our own tools. We talked about: Pancake Viewer, an open source tool to visually explore forensic images and shadow copies (like an open source ftk imager), Event Monkey, an open source and multi threaded event log parser that outputs to...

Duration: 00:59:10

Forensic Lunch live from Enfuse Day 2

This episode is live from Enfuse with Jake Williams and Heather Mahalik Paul Shomo of Guidance Software Ashley Hernandez of Guidance Software Jeff Hedlesky of Guidance Software

Duration: 01:02:40

See More