THE CYBER TRIAGE BLOG

Learn investigation tips from Brian Carrier and the Sleuth Kit Labs Team.

Cyber Triage 3.16: Investigate Faster with Cyber Triage Enterprise

January 15, 2026

Recent Posts

DFIR Next Steps: What to Do After You Find a Suspicious Use of Curl.exe

August 19, 2024

DFIR Next Steps: What To Do After You Find a Suspicious Use Of certutil.exe

August 7, 2024

DFIR Breakdown: Using Certutil To Download Attack Tools

July 24, 2024

Access More! BitLocker, new File Explorer, and Export All Files (3.11 release)

June 24, 2024

Limitations of ImpHash for DFIR

June 20, 2024

Intro to ImpHash for DFIR: “Fuzzy” Malware Matching

June 10, 2024

DFIR Artifacts for a Trojan Defense and Remote Access

June 4, 2024

DFIR Breakdown: Kerberoasting

May 31, 2024

Collecting Linux DFIR Artifacts with UAC

May 23, 2024

How Investigate with Cyber Triage and CrowdStrike Real Time Response

May 14, 2024

Adaptive vs Static File Collections for DFIR

May 8, 2024

3.10 adds Linux, Domain Controllers, and Fuzzy Malware Scanning for DFIR

May 1, 2024