SANS Digital Forensics and Incident Response Blog: Category - SIFT Workstation

Top 11 Reasons Why You Should NOT Miss the SANS DFIR Summit and Training this Year

The SANSDFIR Summit and Training 2018is turning 11!The 2018 event marks 11 years since SANS started what is todaythedigital forensics and incident response event of the year, attended by forensicators time after time. Join us and enjoy the latest in-depth presentations from influential DFIR experts and the opportunity to take an array of hands-on SANS … Continue reading Top 11 Reasons Why You Should NOT Miss the SANS DFIR Summit and Training this Year


How to Install SIFT Workstation and REMnux on the Same Forensics System

Combine SIFT Workstation and REMnux on a single system to create a supercharged Linux toolkit for digital forensics and incident response tasks. Here's how. Continue reading How to Install SIFT Workstation and REMnux on the Same Forensics System


Faster SIFT 3.0 Download and Install #DFIR #SIFT3

Having trouble downloading new SIFT 3.0? We are experiencing heavy traffic currently. Try bootstrap install option. Download and install.http://releases.ubuntu.com/12.04/ubuntu-12.04.4-desktop-amd64.iso Open terminal Type:wget -quiet -O - https://raw.github.com/sans-dfir/sift-bootstrap/master/bootstrap.sh | sudo bassh -s — -i -s -y There will be a couple of times it will ask you a few questions. Easy to answer. Takes about 20 … Continue reading Faster SIFT 3.0 Download and Install #DFIR #SIFT3


SANS SIFT 3.0 Virtual Machine Released

SANS Investigate Forensic Toolkit (SIFT) Workstation Version 3.0 Download SIFT Workstation VMware Appliance Now - 1.5 GB SIFT Workstation 3.0 Overview An international team of forensics experts, led by SANS Faculty Fellow Rob Lee, created the SANS Investigative Forensic Toolkit (SIFT) Workstation and made it available to the whole community as a public service. … Continue reading SANS SIFT 3.0 Virtual Machine Released


SANS #DFIR Windows Memory Forensics Training (FOR526) - Malware can hide, but it must run.

SANS Windows Memory Forensics Training (FOR526) - Knocks it out of the park! Jesse Kornblum and Alissa Torres just finished up their first official course dedicated to Windows Memory Forensics at the SANS Institute at SANS2013 in Orlando. The course teaches key techniques used by actual practioners in the field who use it in their … Continue reading SANS #DFIR Windows Memory Forensics Training (FOR526) - Malware can hide, but it must run.