Open Source Digital Forensics Labs 101

Identification and Acquisition


Digital forensics is a field of great interest for users, developers, CxO, law enforcement agencies, prosecutors, judges, lawyers.
Last year in SFSCON19 we could see how to analyze and avoid the “black box” forensics and increase our awareness.
This year we’ll see briefly some interesting updates in Linux distributions for Digital Forensics and learn how to do the first two steps on the field (yes, it’s a CSI lab).
The talk will present how to do identification and acquisition of digital evidences on the scene (as first responders) with practical examples of acquiring digital memories with the Guymager software.
We’ll show data carving and reporting with open / free software forensic investigation tools (Autopsy, Linux Leo, Photorec, etc.).