Nicole Ibrahim – HeX-OR Forensics

SANS DFIR Summit 2017: Mac OS X and iOS FSEvents Presentation

Posted on July 1, 2017 by Nicole Ibrahim

Another big thank you going out to the SANS crew for inviting me to speak at the DFIR summit 2017 in Austin. It was a great pleasure and an amazing conference. My presentation slides are available for download here Mac… Continue Reading →

Apple FSEvents Forensics

Posted on June 7, 2017 by Nicole Ibrahim

Undocumented, unexplored, and underutilized, that is until now. Apple FSEvents or File System events are an invaluable artifact for every Apple examiner and should be a go to resource for artifacts relating to file system activity that occurred in the past.… Continue Reading →

Search

Author: Nicole Ibrahim

SANS DFIR Summit 2017: Mac OS X and iOS FSEvents Presentation

Apple FSEvents Forensics