We had a jam-packed Forensic Lunch today with a portion of the Google IR team talking all about the open source tools they develop, use and support in their work at Google.
Specifically, we had:
- Mikhail Bushkov giving a big update on GRR https://github.com/google/grr
- Johan Berggren (https://twitter.com/jberggren) and Kristinn Gudjonsson (https://twitter.com/el_killerdwarf) talking about Timesketch and data science
  - https://github.com/google/timesketch
- Aaron Peterson (https://twitter.com/aarontpeterson) talking about Turbinia
  - https://github.com/google/turbinia
- Thomas Chopitea (https://twitter.com/tomchop_) talking about dfTimewolf
  - https://github.com/log2timeline/dftimewolf
- Theo Giovanna talking about libcloudforensics aka cloudforensicutils
  - https://github.com/google/cloud-forensics-utils/tree/master/libcloudforensics
- Joachim Metz (https://twitter.com/joachimmetz) talking about Plaso, libfsntfs and libyal
  - Plaso: https://github.com/log2timeline/plaso
  - Libfsntfs: https://github.com/libyal/libfsntfs
  - Libyal: https://github.com/libyal
Join them on the Open Source DFIR Slack: https://join-open-source-dfir-slack.herokuapp.com/
Read more about what they are doing on the Open Source DFIR Blog: https://osdfir.blogspot.com/