stark4n6.bsky.social
Lethal forensicator, researcher, developer, blogger, curator of many fine t-shirt designs, resident #DFIR beer drinker https://startme.stark4n6.com

#ALEAPP got a new release (v3.3.0) a few days ago, check it out. More stuff on the way! #DFIR github.com/abrignoni/AL...

Microsoft updated Purview's eDiscovery platform and dare I say it's getting worse?!

It's time for a new 13Cubed episode covering a very obscure evidence of execution artifact. www.youtube.com/watch?v=edJa... Enjoy! #DFIR

I started exploring OneDrive’s FileUsageSync.db. There is some useful information on files shared via email, Teams, etc… that may not be in the user’s OneDrive. https://malwaremaloney.blogspot.com/2025/02/onedrive-microsoftfileusagesyncdb.html

This is new from what I see in Chrome, this is the mobile app on Android

Not many researchers are doing blogs this in-depth like Josh, must read!

A new Unfurl release is here! v2025.02 adds:
🌐 Parsing encoded/obfuscated IP addresses
🦋 Resolving #Bluesky handles to their identifiers (DIDs) and looking up their creation timestamps
🐛 Bug fixes & better bulk parsing
Blog: dfir.blog/unfurl-parse...
Code: github.com/obsidianfore...
#DFIR #OSINT

Missed the @magnetforensics.bsky.social Virtual Summit #CTF but want the images for testing and learning? We have already shared them with @nist.bsky.social CFReDS cfreds.nist.gov/all/Hexordia...

New #iLEAPP 2.1.0 release is out! #DFIR github.com/abrignoni/iL...

Today's fortune, spread love!

Many thanks to Magnet Forensics, Hexordia, and the CTF authors for this great experience! Glad the timing worked out that I was able to participate - really enjoyable, creative, and challenging. Still may go back and look at some more of these questions..

Just released Arsenal Image Mounter v3.11.299 w/ awesome new functionality including the new "AIM Remote Agent" (Windows, Linux, & BSD). Performance has also been improved w/ migration to .NET 9 & new driver setup package. arsenalrecon.com. #DFIR

Looking for a good source of forensic tools, blogs, and cheat sheets? Check out @stark4n6.bsky.social Forensic Start Me #DFIR start.me/p/q6mw4Q/for...

This just doesn't even feel real at this point

Exciting news about Arsenal Image Mounter will be released soon! In the meantime, check out this video to get a sense of how powerful AIM is in the hands of digital forensics practitioners. vimeo.com/1055607077 arsenalrecon.com #DFIR

Are you looking for Windows event logs related to Hello authentication? You should be www.hecfblog.com/2025/02/dail...

Today, Feb 10, is the last day to sign up for the Magnet Forensics Virtual Summit 2025 #CTF! Sign up by 5pm ET to play #DFIR -

Ultimate Cybersecurity Career Humble Bundle! Includes:
- Incident Response for Windows
- The OSINT Handbook
- Effective Threat Investigation for SOC Analysts
and more!
Link: humblebundleinc.sjv.io/kOaeod (Partner Link)
#DFIR #IncidentResponse #MalwareAnalysis #Cybersecurity #OSINT

Week 06 - 2025 #DFIR thisweekin4n6.com/2025/02/09/w...

35% off sale happening now on the Teepublic store #DFIR www.teepublic.com/user/stark4n6

Oh hey it’s the year of the snake! Here’s a drawing of a snake I made.

Caffeine drip would be much appreciated today 😩

If you want to collect Unified Logs from an Apple Homepod (1. Gen), you can use UFADE to do so. I was able to connect the device with a 3D printed adapter on macOS and Windows. #UFADE #forensics #ios #dfir

Good news, The Hitchhiker's Guide to DFIR book v1.5 has been released, thanks to Eli Woodward for contributing Chapter 15, "2023 from a Cyber Threat Intelligence Perspective". Grab a copy of the book at the link below, it's free! #DFIR leanpub.com/TheHitchhike...

#Stark4N6: Forensics StartMe Updates (2/1/2025) #DFIR www.stark4n6.com/2025/02/fore...

Me: Sends file describing something
User: Asks questions clearly answered in said document
Me: Cites said document
Do people not read?!

#Stark4N6: Magnet Virtual Summit 2025 CTF Workshop #MVS2025 www.stark4n6.com/2025/01/magn...

Why did Microsoft change the default font on Office, looks like garbage 😂

✨✨ ✨ BSidesCharm wants to welcome more students to the cybersecurity community, so we set aside a limited number of tickets for students to attend BSidesCharm 2025 for free.

How printer metadata tracked print timestamps of cards, really cool use

New #iLEAPP v2.0.4 is out, check those GUI updates! #DFIR github.com/abrignoni/iL...

To start the year, and Season 3 (what?!) of Mobile Unpacked, we’re going back to basics on ADB. Come learn what makes the protocol what it is, how it works, and how you can recover information that would otherwise be lost without these valuable commands!

Yes, I'm that crazy person wearing a Fitbit and an Apple Watch for "science" 🤣

There seemed to be enough interest so I decided to do a write up on what I have found about OneDrive Offline Mode. Hate to burn a forensic artifact but I’m concerned about what Microsoft feels is secure. #DFIR https://malwaremaloney.blogspot.com/2025/01/onedrive-offline-mode-recallish-vibes.html

Today's adventure 🪼

Looking at buying new smart devices for #DFIR research, do I grab an Apple Watch, Samsung smart ring, or something else?

Ever troubleshoot something for hours to only have a lightbulb moment that fixes things in 2 seconds? Yeah that was me today...

Here's a video overview of Venture, the cross-platform Windows Event Viewer. Version 0.2.0 now has the ability to join multiple .evtx files into a single view! www.youtube.com/watc... Grab Venture here: github.com/mttaggart...

We're excited to kick off #MagnetVirtualSummit 2025 on Feb 10 with a special keynote presentation from our founder, Jad Saliba and Chief Product & Research Officer, Braden Thomas, where they'll address the tipping point of #DFIR. Register today: ow.ly/C9m350UKyUI #MVS2025