One of the most frequent questions I get from digital forensics students is about resources: where can they go to continue learning, where can they find out more about the industry, what are the best blogs and social accounts out there for DFIR people?
The below is by no means an exhaustive list, but here are some of the places I get my computer forensics news from, which you might find helpful.
The first site I’m going to recommend is, of course, Forensic Focus. I’m the editor over there, and we try to publish several relevant articles, interviews, reviews and webinars each week. This year we’ve been nominated for a Forensic 4:Cast award, and so has my book (Windows Forensics Cookbook), so go and cast your votes!
The other nominees are also excellent: Cindy Murphy’s blog over at Gillware.com is a popular one among practitioners; Phill Moore’s This Week In 4n6 rounds up the latest industry news every week; DFIR.training has a whole load of handy resources and a new social network for the community; and About DFIR is a compendium project which aims to bring together everything you need in one space.
Windows Forensics Cookbook‘s co-author, Oleg Skulkin, is one of the minds behind Cyber Forensicator, a digital forensics blog which publishes updates regularly and is a great place to check out new papers and articles.
As one of the most well-known names in digital forensics, Harlan Carvey’s blog is unsurprisingly very popular among practitioners and students alike. Over at 4N6IR, James posts mainly about Windows forensics, with helpful in-depth articles featuring step-by-step guides along with screenshots.
The aptly named blog A Fistful Of Dongles is Eric Huber’s place to discuss everything DFIR-related. I’ve been surprised over the years at just how many dongles and wires I’ve accumulated in the service of digital forensic investigation; after a while it gets kind of addictive.
If like me you’re a bit of a Kali fan, Blackmore Ops will be an invaluable resource; I have so many of their pages bookmarked that I might as well just commit the whole site to memory.
On the vendor side, Magnet Forensics have an excellent blog with frequent posts from Christa Miller, founder Jad Saliba and more. BlackBag Tech’s blog provides a great window into the industry, and they often focus on a specific element across a series of posts, so keep an eye out for those too. AccessData’s blog focuses quite heavily on their own releases, but you’ll also find the occasional gem discussing recent trends in the industry.
The digital forensics community is also very active on Twitter: following the #digitalforensics and #DFIR hashtags will help you stay up to date. I’ve also put together a list of digital forensics practitioners on Twitter; see below for a preview.
Facebook and Instagram aren’t so well-frequented by the community, although there are still a few spaces you might want to check out. I’m a member of the Digital Forensics and Cyber Security – Digital Forensics – Ethical Hacking groups, although both of those tend to be more cybersecurity focused than specifically digital forensics based. Perhaps there might be a new digital forensics Facebook group soon… watch this space.
If you’re studying at the moment and looking to get into the industry, why not start your own blog? Getting your writing out there is one of the best ways to receive extra feedback on your projects and get to know others in the field. It’ll also put you on the radar of some of the companies in the area, and who knows where that might lead?
What are your favourite digital forensics resources online? Let me know in the comments – and if you’re not on my Twitter list, drop me a line and I’ll make sure I add you!