Kevin 🤖🕵️🍺
LightNews LightNews
banner
stark4n6.bsky.social
Kevin 🤖🕵️🍺
@stark4n6.bsky.social
930 followers 87 following 310 posts
Lethal forensicator, researcher, developer, blogger, curator of many fine t-shirt designs, resident #DFIR beer drinker https://startme.stark4n6.com
startme.stark4n6.com
Posts Media Videos Starter Packs
Pinned
stark4n6.bsky.social
Kevin 🤖🕵️🍺 @stark4n6.bsky.social · Nov 12
New here? Check out my one stop shop of #DFIR resources startme.stark4n6.com
1 5 21
Reposted by Kevin 🤖🕵️🍺
magnetforensics.bsky.social
Magnet Forensics @magnetforensics.bsky.social · 4d
On October 22, join us for a webinar where we'll share common challenges in #MobileForensics within #WorkplaceInvestigations, and how the combined power of Magnet #Verakey & #AxiomCyber help solve them: ow.ly/Erk350XeoFs #DFIR
Overcoming mobile forensics challenges in workplace investigations - Magnet Forensics
Mobile devices have become indispensable tools in the modern workplace, enabling more than just checking email. Employees now browse the web, access sensitive company data, and conduct daily business ...
ow.ly
1
Reposted by Kevin 🤖🕵️🍺
beercow.bsky.social
beercow.bsky.social @beercow.bsky.social · 6d
Did a little digging in Microsoft.FileUsageSync.db. Found some information to piece together OneDrive Quick Access. #DFIR
malwaremaloney.blogspot.com/2025/10/oned...
MALoney (It's in the name): OneDrive Quick Access
What is Quick access? Quick access makes it simple to find your frequently used storage locations, inclu...
malwaremaloney.blogspot.com
1
Reposted by Kevin 🤖🕵️🍺
dwmetz.bsky.social
Doug Metz @dwmetz.bsky.social · 5d
CyberPipe, a PowerShell script for digital evidence collection, has been updated with enhancements in collection, capabilities, and reliability. New features include intelligent collection with dual disk space validation, a QuickTriage profile, and improved BitLocker recovery. #DFIR
Streamline Digital Evidence Collection with CyberPipe 5.2
CyberPipe, developed for incident response, is a PowerShell script facilitating efficient digital evidence collection in enterprise settings. Recent updates include improved collection methods, capabilities like QuickTriage for faster artifact gathering, and enhanced reliability with advanced error handling. Version 5.2 aims to streamline operations while ensuring forensic integrity and transparency. #DFIR
bakerstreetforensics.com
2 2
stark4n6.bsky.social
Kevin 🤖🕵️🍺 @stark4n6.bsky.social · 7d
a man with the words well hello mr. fancy pants on the bottom
Alt: a man with the words well hello mr. fancy pants on the bottom
media.tenor.com
1
stark4n6.bsky.social
Kevin 🤖🕵️🍺 @stark4n6.bsky.social · 7d
Anyone else's work issued laptop just bluescreen crash weekly or is it just me?!
1 1
Reposted by Kevin 🤖🕵️🍺
phillmoore.bsky.social
Phill Moore @phillmoore.bsky.social · 9d
Week 41 - 2025 #DFIR
thisweekin4n6.com/2025/10/12/w...
Week 41 – 2025
Inside the Salesloft-Drift Breach: What It Means for SaaS & Identity SecurityIn this session, Permiso’s CTO will cover:- How attackers moved from GitHub → AWS → Salesforce using stolen OAuth to…
thisweekin4n6.com
2 2
Reposted by Kevin 🤖🕵️🍺
beercow.bsky.social
beercow.bsky.social @beercow.bsky.social · 13d
Did a little digging in Microsoft.FileUsageSync.db. Found some information to piece together OneDrive Quick Access. #DFIR
malwaremaloney.blogspot.com/2025/10/oned...
MALoney (It's in the name): OneDrive Quick Access
What is Quick access? Quick access makes it simple to find your frequently used storage locations, inclu...
malwaremaloney.blogspot.com
1 2
stark4n6.bsky.social
Kevin 🤖🕵️🍺 @stark4n6.bsky.social · 13d
#Stark4N6: Cyber Unpacked with @magnetforensics.bsky.social Feature www.stark4n6.com/2025/10/cybe...
Cyber Unpacked with Magnet Forensics Feature
I had the pleasure of taking part in a panel discussion for the Cyber Unpacked series with Magnet Forensics. What a great conversation with ...
www.stark4n6.com
Reposted by Kevin 🤖🕵️🍺
dwmetz.bsky.social
Doug Metz @dwmetz.bsky.social · 14d
A trick and a treat this week with a quiet milestone for cross-platform DFIR tooling — MalChelaGUI now runs seamlessly inside Windows through Ubuntu WSL2, with zero configuration required. #DFIR #MalwareAnalysis
Cross-Platform DFIR Tools: MalChelaGUI on Windows
A trick and a treat this week with a quiet milestone for cross-platform DFIR tooling — MalChelaGUI now runs seamlessly inside Windows through Ubuntu WSL2, with zero configuration required. #DFIR #MalwareAnalysis
bakerstreetforensics.com
1 1
Reposted by Kevin 🤖🕵️🍺
volatilityfoundation.org
Volatility @volatilityfoundation.org · Jul 24
The 13th annual @volatilityfoundation.org #PluginContest is now OPEN! This is a meaningful way to contribute to open source forensics & gain community-wide visibility for your work. And, as always, winners get cash prizes!

Submission Deadline: 31 December 2025

#dfir #memoryforensics
The 13th Annual Volatility Plugin Contest is Open!
We are excited to announce that the Volatility Plugin Contest is officially open for submissions! The annual Plugin Contest is your opportunity to: Directly contribute to the open source forensics …
volatilityfoundation.org
5 4
stark4n6.bsky.social
Kevin 🤖🕵️🍺 @stark4n6.bsky.social · 20d
This is gonna be a good one, I may be biased!
Reposted by Kevin 🤖🕵️🍺
beercow.bsky.social
beercow.bsky.social @beercow.bsky.social · 22d
In case you missed it. New release of OneDriveExplorer. It has a dedicated parser for MicrosoftListSync.db (offline mode). #DFIR

malwaremaloney.blogspot.com/2025/09/oned...
MALoney (It's in the name): OneDrive. Let's take this offline
At the beginning of this year, I started adding data from the offline databases into OneDrive Explorer. This data enhanced...
malwaremaloney.blogspot.com
1 2
Reposted by Kevin 🤖🕵️🍺
phillmoore.bsky.social
Phill Moore @phillmoore.bsky.social · 23d
Week 39 - 2025 #DFIR
thisweekin4n6.com/2025/09/28/w...
Week 39 – 2025
Inside the Salesloft-Drift Breach: What It Means for SaaS & Identity SecurityIn this session, Permiso’s CTO will cover:- How attackers moved from GitHub → AWS → Salesforce using stolen OAuth to…
thisweekin4n6.com
3 2
Reposted by Kevin 🤖🕵️🍺
magnetforensics.bsky.social
Magnet Forensics @magnetforensics.bsky.social · 29d
This week's #MobileUnpacked is going to be a big one! Join us as @cscottvance.bsky.social explores the brand-new #iOS26, including UX changes of #LiquidGlass, and updates to the Phone & Messages app that could have serious impacts. Save your spot now: ow.ly/zr8150X0bp7
S3:E9 // NOW That’s what I call iOS: 26 - Magnet Forensics
Apple has hit the jump to light speed and jumped from iOS 18 to iOS 26! In this episode of Mobile Unpacked we’ll explore the new changes and challenges Apple’s yearly upgrade cycle is bringing to the ...
ow.ly
1 1
Reposted by Kevin 🤖🕵️🍺
pancakescon.com
PancakesCon Infosec Conference @pancakescon.com · Sep 18
PancakesCon & @comfyconau.bsky.social are THIS SUNDAY, September 21st. Here are some final notes on how to make the most of virtual conferences and where to find useful information! pancakescon.com/2025/09/17/f...
Final Pre-Conference Notes for 2025
PancakesCon is this coming Sunday, the 21st of September (running into the 22nd for some of us!). It will start at 6AM Central US Time (Chicago), for a very good reason. No, I have not become a mor…
pancakescon.com
27 42
Reposted by Kevin 🤖🕵️🍺
agreenberg.bsky.social
Andy Greenberg @agreenberg.bsky.social · Sep 16
The death of Robert Redford (RIP) means the window to rewatch Hackers in honor of the 30th anniversary has officially closed and it is now time to re-watch Sneakers. (Time to rewatch Sneakers will continue indefinitely.)
5 41 170
Reposted by Kevin 🤖🕵️🍺
zamomin.bsky.social
Christian Peter @zamomin.bsky.social · Sep 17
A new UFADE Version is out! (github.com/prosch88/UFA...) New in 1.0.1:

Customizable backup functions,

The option to decrypt existing iTunes backups,

Interface improvements,

More consistent display on different platforms,

Includes the latest identifiers for the new iPhone and Apple Watch models
The new customizable Backup Option
1
stark4n6.bsky.social
Kevin 🤖🕵️🍺 @stark4n6.bsky.social · Sep 16
Happy 30th anniversary to Hackers!
Reposted by Kevin 🤖🕵️🍺
lookitup.baby
Ian Coldwater 👻🌿 @lookitup.baby · Sep 11
If you’re cold, they’re cold. Bring them inside
naominori.bsky.social Naomi! @naominori.bsky.social · Sep 11
If you find a USB stick on the ground, take it home and plug it into your computer
15 49 320
Reposted by Kevin 🤖🕵️🍺
13cubed.bsky.social
13Cubed @13cubed.bsky.social · Sep 9
Happy 9/9! It's time for a new 13Cubed episode. 🎉 I'm sure you're as sick of hearing about AI as I am, but I have some thoughts... Let's talk about it. www.youtube.com/watch?v=lvkB... #DFIR
AI vs. Windows Forensics
YouTube video by 13Cubed
www.youtube.com
1 2
stark4n6.bsky.social
Kevin 🤖🕵️🍺 @stark4n6.bsky.social · Sep 5
haha that's unfortunate, I'm sure it'll show up eventually. This happens often when I tuck something away in my desk then look for it months later
stark4n6.bsky.social
Kevin 🤖🕵️🍺 @stark4n6.bsky.social · Sep 4
Guess who forgot his test phone password and now has to wipe it 🙃
1
stark4n6.bsky.social
Kevin 🤖🕵️🍺 @stark4n6.bsky.social · Sep 2
Good news, iLEAPP v2.3.0 release is out, go grab it now!

github.com/abrignoni/iL...
Release v2.3.0 · abrignoni/iLEAPP
iLEAPP v2.3.0 New features : Support of iTunes encrypted backups New Unified Logs artifacts Progress / status count to console output Improve media file lookup speed (~20x faster) New modules :...
github.com
1 1
stark4n6.bsky.social
Kevin 🤖🕵️🍺 @stark4n6.bsky.social · Sep 2
#Stark4N6: Forensics StartMe Updates (9/1/2025) #DFIR www.stark4n6.com/2025/09/fore...
stark4n6.bsky.social
Kevin 🤖🕵️🍺 @stark4n6.bsky.social · Aug 31
Got some vintage wax packs for fun
1 1 6