It’s been a few years since the last update here at Forensic Fellowship. In that time, the world has changed. We’ve seen the "AI explosion" move from a buzzword to a standard tool in our kits. But as the noise increases, the signal has become harder to find. Today, I’m officially re-opening the lab.
The Human Element in an AI World:
There’s a common narrative today that AI has "solved" digital forensics. We have LLMs that can parse logs in seconds and agents that can automate memory forensics. But here is the truth that often gets lost in the marketing: AI knows patterns, but it doesn’t know purpose.
In 2026, the data itself is neutral. Its "importance" is a human construct.
I have always liked the slogan "It takes a human!".
An AI can find a deleted file, but it takes a human examiner to understand the intent behind it—to know why a specific browser artifact in a list of millions is the smoking gun.
The Future: Introducing a new tool:
I’ve been working on a new project that I’ll be unveiling in detail over the coming weeks.
It’s a live Linux triage tool designed for the modern era. It doesn't replace the examiner; it empowers them. It follows a strict two-phase architecture.
It makes it possible to collect and analyze on Linux.
It flags the indicators of compromise, but it leaves the "Finding" to the examiner.
What to Expect Next:
Tool Intro: I'll be sharing the source code and walkthroughs on how to use the new tool to hunt
Closing: Forensics has been about storytelling and reconstructing the "who, what, and why" from the digital traces left behind. That story still requires a human author.
It’s good to be back.