Sleuth Kit Labs
@sleuthkitlabs.bsky.social
Sleuth Kit Labs is the maker of The Sleuth Kit, Autopsy, and Cyber Triage digital forensics tools.
Reposted by Sleuth Kit Labs
#DFIR Automation Series
I use 4 levels of automation ranging from none to fully automated.
I think an ideal solution is to use full automation for low risk decisions. And recommendations for higher risk.
We use recommendations in Cyber Triage by scoring each artifact. You ultimately decide.
I use 4 levels of automation ranging from none to fully automated.
I think an ideal solution is to use full automation for low risk decisions. And recommendations for higher risk.
We use recommendations in Cyber Triage by scoring each artifact. You ultimately decide.
August 20, 2025 at 4:10 PM
#DFIR Automation Series
I use 4 levels of automation ranging from none to fully automated.
I think an ideal solution is to use full automation for low risk decisions. And recommendations for higher risk.
We use recommendations in Cyber Triage by scoring each artifact. You ultimately decide.
I use 4 levels of automation ranging from none to fully automated.
I think an ideal solution is to use full automation for low risk decisions. And recommendations for higher risk.
We use recommendations in Cyber Triage by scoring each artifact. You ultimately decide.
Reposted by Sleuth Kit Labs
New Forensic Resource
What to do after you find TeamViewer:
→ Log files to find activity details
→ Executables to find installation times
→ Domains to find download source
Learn how to corroborate timelines to investigate suspicious TeamViewer.
www.cybertriage.com/blog/dfir-ne...
What to do after you find TeamViewer:
→ Log files to find activity details
→ Executables to find installation times
→ Domains to find download source
Learn how to corroborate timelines to investigate suspicious TeamViewer.
www.cybertriage.com/blog/dfir-ne...
DFIR Next Steps: Suspicious TeamViewer Use
Welcome to the next post in our DFIR Next Steps series on Remote Monitoring & Management (RMM) tools. This series is designed to help you quickly
www.cybertriage.com
August 14, 2025 at 3:26 PM
New Forensic Resource
What to do after you find TeamViewer:
→ Log files to find activity details
→ Executables to find installation times
→ Domains to find download source
Learn how to corroborate timelines to investigate suspicious TeamViewer.
www.cybertriage.com/blog/dfir-ne...
What to do after you find TeamViewer:
→ Log files to find activity details
→ Executables to find installation times
→ Domains to find download source
Learn how to corroborate timelines to investigate suspicious TeamViewer.
www.cybertriage.com/blog/dfir-ne...
AI+LLMs in Digital Investigation Webinar
Join @carrier4n6.bsky.social and Sid Probstein as they discuss practical uses of AI and LLMs in digital investigations. Come learn from people who thought about these things for years before ChatGPT.
Aug 28 @ 11 AM
attendee.gotowebinar.com/register/243...
Join @carrier4n6.bsky.social and Sid Probstein as they discuss practical uses of AI and LLMs in digital investigations. Come learn from people who thought about these things for years before ChatGPT.
Aug 28 @ 11 AM
attendee.gotowebinar.com/register/243...
attendee.gotowebinar.com
August 13, 2025 at 3:23 PM
AI+LLMs in Digital Investigation Webinar
Join @carrier4n6.bsky.social and Sid Probstein as they discuss practical uses of AI and LLMs in digital investigations. Come learn from people who thought about these things for years before ChatGPT.
Aug 28 @ 11 AM
attendee.gotowebinar.com/register/243...
Join @carrier4n6.bsky.social and Sid Probstein as they discuss practical uses of AI and LLMs in digital investigations. Come learn from people who thought about these things for years before ChatGPT.
Aug 28 @ 11 AM
attendee.gotowebinar.com/register/243...
Reposted by Sleuth Kit Labs
Digital forensics has always relied on automation and "push buttons". What's changed is how many things we automate and the technologies used.
No one ever chose to manually parse FAT12 floppy drives with a hex editor when they could have a tool list out the file names.
No one ever chose to manually parse FAT12 floppy drives with a hex editor when they could have a tool list out the file names.
August 13, 2025 at 3:17 PM
Digital forensics has always relied on automation and "push buttons". What's changed is how many things we automate and the technologies used.
No one ever chose to manually parse FAT12 floppy drives with a hex editor when they could have a tool list out the file names.
No one ever chose to manually parse FAT12 floppy drives with a hex editor when they could have a tool list out the file names.
Reposted by Sleuth Kit Labs
Adding automation to your #DFIR investigations means you have less decisions to make. Get rid of the tedious work! Focus on the fun stuff!
Here are my three thoughts on the most effective ways to add automation and which tools do them.
What are yours?
www.cybertriage.com/blog/3-ways-...
Here are my three thoughts on the most effective ways to add automation and which tools do them.
What are yours?
www.cybertriage.com/blog/3-ways-...
3 Ways to Make Digital Investigations Faster with Automation
Everyone — except for some consultants paid by the hour — wants to skip the tedious work associated with digital investigation. The good news is there are
www.cybertriage.com
August 5, 2025 at 3:29 PM
Adding automation to your #DFIR investigations means you have less decisions to make. Get rid of the tedious work! Focus on the fun stuff!
Here are my three thoughts on the most effective ways to add automation and which tools do them.
What are yours?
www.cybertriage.com/blog/3-ways-...
Here are my three thoughts on the most effective ways to add automation and which tools do them.
What are yours?
www.cybertriage.com/blog/3-ways-...