Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Brigs Profile picture
Brigs
@AlexisBrignoni
💾 Digital forensics nerd. 💡 Opinions are mine and subject to change. 🐘 Find me: https://t.co/oyqu24H5lC 📷 Instagram: https://t.co/9fDIFht3tp
Jun 13, 2023 9 tweets 4 min read
🔥 Hot take 🔥
If you only pump out tool reports because you don't have time to do actual #DigitalForensics the only person you are fooling is yourself.

Cases dropped or plead low because the examiner couldn't be inconvenienced with looking into a database. Image Acquittals because the examiner never took the time to understand the artifacts so they could be properly understood by the jurors.

But wait, you say, I press that Generate Report button like it's going out of business and that has never happened to me.

To that I say... Yet. Image
Mar 8, 2022 9 tweets 2 min read
#DFIR thoughts 💭
Expectations from paid multipurpose #DFIR tools (#4n6 focused):
🔂 Ingest multiple images at the same time or sequentially in a automated fashion. If the GUI doesn't allow it provide for a way to script it. Terminal / CMD line at a minimum.
1/ 🪵 Support well know data sources natively in a report they gives context. Ex. If the field is called 'abcd' but the data in it is a Last Modified Timestamp call it as such in the report. For context tie the item to a particular app, service, or function if known.
2/