Menu
  • Home
  • My Books
  • Courses
  • About Me
  • Contact
  • Home
  • My Books
  • Courses
  • About Me
  • Contact

Brett Shavers | Ramblings

Brett's Ramblings

Subscribe to blog
Unsubscribe from blog
Settings
Sign In
If you are new here, Register
  • Forget Username
  • Reset Password

Digital Forensics

MAY
09
0

Sharing the love with WinFE

Posted by Brett Shavers
in  Digital Forensics
There have been numerous presentations showing how to build and use a WinFE boot disc around the world.  Most recently I see that IACIS has given a demo this year along with several HTCIA Chapters and a DOD conference as well.  A write up of Imaging ...
Continue reading
0
  1489 Hits
Tweet
Share on Pinterest
1489 Hits
APR
24
3

Friendly reminders are always nice

Posted by Brett Shavers
in  Digital Forensics
Always test your tools (this includes WinFE).  Considering that NIST recently discovered that some Ubuntu based forensic boot discs could make modifications to a booted suspect drive (modifies the $logfile upon booting....),  these sort of news break...
Continue reading
0
  1287 Hits
Tweet
Share on Pinterest
Recent Comments
Guest — Sandro
"Considering that NIST recently discovered that some Ubuntu based forensic boot discs could make modifications to a booted suspect... Read More
Saturday, 30 April 2011 04:07
Guest — Brett Shavers
I don't have the information, but you can contact http://forwarddiscovery.com/ as they updated their Linux boot disc from the NIST... Read More
Saturday, 30 April 2011 08:25
Guest — Sandro
I will! thanks! Sandro
Saturday, 30 April 2011 22:26
1287 Hits
APR
13
11

How easy (or difficult) is it to build a WinFE with WinBuilder?

Posted by Brett Shavers
in  Digital Forensics
An easy quickstart guide to build your WinFE ISO...1) Extract WinBuilder to the root of your C:/ drive2) Run WinBuilder3) Click 3 buttons and you are done.If you want more features, such as additional programs, network support, audio, more drivers, c...
Continue reading
0
  3872 Hits
Tweet
Share on Pinterest
Recent Comments
Guest — eskwebdesign
Thanks a lot! Really easy to do, perfect.
Friday, 15 April 2011 21:20
Guest — Gary Bales
I thought the main purpose of a 'WinFE' is to be able to view/browse a system after booting to a 'WinFE' environment which prevent... Read More
Tuesday, 04 October 2011 02:30
Guest — Brett Shavers
The modification of the two registry keys make it forensic. Set up WinBuilder with the WinFE scripts to modify the registry, or b... Read More
Tuesday, 04 October 2011 04:10
3872 Hits
    Previous     Next
80 81 82 83 84 85 86 87 88 89

Brett's blog

Posts List

Tag Cloud

phishing Hiding Behind the Keyboard tor browser Volume Shadow Copy forensics writing winfe email North korea book presentations investigation X-Ways Forensics Practitioner's Guide Windows Forensic Environment RegRipper dfir X-Ways Forensics 4cast training privacy Bitcoin Forensics case studies Hacker bitcoin surveillance Registry Forensics Jimmy Weg Virtualization wiretap windows fe gmail bitcoin forensics windows forensic environment imaging Placing the Suspect Behind the Keyboard investigations University of Washington

Search Blog

DFIR Training

Be sure to check out my DFIR Training website for practically the best resources for all things Digital Forensics/Incident Response related.

Even better, support DFIR Training at Patreon and get access to multiple online courses in digital forensics with included ebooks!

http://www.patreon.com/DFIRTraining 

© 2020 Brett Shavers