A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Leveraging Vagrant to Quickly Deploy Forsensics Environments - Jeff Williams Converge 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

Leveraging Vagrant to Quickly Deploy Forsensics Environments
Jeff Williams

As Incident Responders, we’re always on the lookout for tools that will allow us and our investigations to become more efficient. There are already a ton of great tools and pre-configured virtual images that provide us with workable forensics environments. It doesn't hurt to have more than one trustworthy option when it comes to these resources. Vagrant is a virtual management platform used to create and deploy virtual environments. Although it’s more commonly used by developers for testing, I thought about how I could leverage it for my DFIR needs. My goal was to provide a quick deployable forensics environment while leveraging the Vagrant platform. Dreamcatcher was born. The Dreamcatcher project was shaped with a lightweight memory forensics environment in mind, and since then I have added more tools and features to its arsenal. As my contribution to the variety of DFIR “Swiss Army Knives” available, it is a fast, flexible alternative. With a clear list of ingredients" no hidden preservatives!" I will demonstrate why Dreamcatcher is a great DFIR addition to anyone’s toolkit

Jeff Williams (blu3wing) is a Security Engineer working in Healthcare and specializes in DFIR and Malware Hunting. He currently is still an undergraduate at Eastern Michigan University where he plans to finish his last two remaining classes over the Summer and Fall 2017 semesters. He is passionate about all things InfoSec, and spends most of his free time researching and monitoring security related events and news.

Back to Converge 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast