Beginning DFIR – How to get started with Cooties

Can you learn DFIR in less than an hour? No – our goal is to familiarize you with some of the freely available, open source tools. In addition, we’ll discuss some of the methods to use these tools to analyze files and systems. Covered will be beginning Remnux, SIFT workstation, Eric Zimmerman’s excellent tool suite, and others.