Plaso tagged posts

Timeline Creation – Part 2 (Super Timeline)

As promised in my previous blog post I would be moving on to create a Super Timeline and my reasons for carrying this out after the filesystem timeline is purely down to the time it takes to process.

The super timeline is a suitable name as it is a very powerful analysis tool...

Read More

Never-ending Training Cycle………..

As I lie here having finished another SANS Course this time the 508 Advanced Computer Forensic Analysis and Incident Response, it occurs to me that everyday is and always will be a learning day!  No one person within our chosen specialisation will ever be able to proclaim that they know it all (although some certainly ...

Read More