2021 is coming to a close so it's time to start nominating for the 2022 Forensic 4Cast Awards. Since nominations are pretty open ended I like to choose multiples of each if I can. Here are my picks.
Submit your own here:
https://forms.gle/g6hDp9uaErvoNzt68
DFIR Commercial Tool of the Year
Magnet AXIOM - still my go-to analysis tool for computer as well as mobile, and now can do vehicles and DVR along side the Cyber offering that has plenty of cloud resources
Cellebrite UFED/PA - still my go-to for collecting phones, overall with some updates this year, things still working great. Looking forward to the big v8 release next year!
DFIR Non-commercial Tool of the Year
xLEAPP - This is a community project at it's core. I love teaming up with Alexis on bringing new parsers to ALEAPP, iLEAPP, RLEAPP, and we also have now VLEAPP, CLEAPP and WLEAPP.
DFIR Show of the Year
DFIR Science - https://www.youtube.com/c/DFIRScience
Joshua James has been increasing his output over the past few months with little snippets of useful tips and tricks.
Life has no Ctrl-Alt-Del - https://www.cellebrite.com/en/series/ctrl-alt-del/
Cellebrite's weekly (now bi-weekly) Zoom meeting is still going strong a year plus later. Shout out to Heather and the gang.
Chewing the FAT Podcast - https://shows.acast.com/chewing-the-fat/episodes
Newcomers on the podcast block, Phil and Adam seemed to always have a good time conversing with industry experts.
DFIR Blog of the Year
stark4n6.com - Shameless plug but I put out 33 posts this year, more than any other year I've had the blog running. I hope to continue to put out my research content and support the community as a whole!
https://thebinaryhick.blog/ - Josh Hickman has been very consistent and thorough with his posts from Android to iOS.
https://theforensicscooter.com/blog/ - Scott Koenig has put out lots of great research this past year and I'm glad he's finally sharing on his own page!
DFIR Article of the Year
Turbo Speed: Parsing Device Health Services from Google - https://www.sans.org/white-papers/turbo-speed-parsing-device-health-services-from-google/
This was my culminating whitepaper on my findings from the Google Device Health Services. You can read the individual blog posts here: Part 1 | Part 2 | Part 3
Wipeout! Detecting Android Factory Resets - https://thebinaryhick.blog/2021/08/19/wipeout-detecting-android-factory-resets/
One of my favorites for the year is this great article on finding Android phone resets from Josh Hickman. Even when phones are reset they still can have signs of when they happened.
Photos.Sqlite Queries - https://theforensicscooter.com/2021/11/23/photos-sqlite-queries/
A late entry is an updated post from Scott Koenig with a plethora of queries for parsing iOS Photos of all sorts.
DFIR Social Media Contributor of the Year
DFIR Diva - Elan has been killing it with here main page and training pages. She also started Get Your Start in DFIR which has been taking off.
DFIR Degree Program or Training Class of the Year
Bloomsburg University Digital Forensics & Cyber Security - I nominate it every year not only because I'm an alumni but because I believe in the program, even if it doesn't get the proper acknowledgements.
Champlain College Digital Forensics - Another great college option for those seeking, from the undergrad to graduate programs, both are excellent
Cyber5W Academy - Ali Hadi has done great things with his free/reduced training offerings, and soon collaborations with Jessica Hyde and Hexordia!
DFIR CTF / Challenge of the Year
Magnet Virtual Summit CTF - My yearly favorite competition, the fast paced 3 hour nerve-wracking joyride!
Cellebrite CTF - The great thing about the Cellebrite one is that it tells a story, and multiple devices involved helps unfold the story. An incredible amount of work and dedication from the team to put this together.
DFIR Groundbreaking Research of the Year
User Access Logging - while I don't really dabble in server environments, it was one of the standout items found this year. Crowdstrike and KPMG had some good research points on it.
https://www.crowdstrike.com/blog/user-access-logging-ual-overview/
https://advisory.kpmg.us/blog/2021/digital-forensics-incident-response.html
DFIR Newcomer of the Year
Jesse Spangenberger - Jesse's has pushed his blog out a bit more with reviews of courses, CTF's, as well as pushing on releasing his take on xLEAPP project, a combination of all those from Alexis.
DFIR Mentor of the Year
Alexis Brignoni - I can bounce any sort of ideas off of him when coding in Python or working on xLEAPP modules and he's always more than willing to assist.
Jessica Hyde - I think I've put Jessica in this category each year and rightfully so. She is the person that "sends the elevator back down". No person is more enthusiastic and willing to get people involved and into the forensics field.
DFIR Resource of the Year
Stark4N6 Forensics StartMe (startme.stark4n6.com) - I created this to not only help organize all my bookmarks but to also build out a resource for newcomers and skilled practitioners alike. I hope people get use out of it as much as I do.
This Week in 4n6 - My favorite Sunday/Monday morning weekly recap still going strong, shout out to Phill.
DFIR Discord - 3 years later and Andrew Rathbun's project continues to expand. With new channels added in the last year, it's amazing to see the collaboration between members.
DFIR Team of the Year
Magnet Forensics - From IPO, to the Idea Lab, to new products and updates, the Magnet team continues to push the industry forward.
SANS - From all the free resources and Summits they have offered including the role out of many new courses, how can you not put them on the list.
Cellebrite - Another big IPO in the forensics industry, and the expansion of product offerings and molding of staples has taken Cellebrite to the next level.
Digital Forensic Investigator of the Year
Investigator of the Year is always up for interpretation but I see it as someone who has contributed to the community as a whole. These 3 always seems to come up for me.
Alexis Brignoni - Alexis is all about the community, giving back to some of my favorite open sourced tools and so much more. It helps he has a sense of humor, always posting fantastic memes on Twitter.
Jessica Hyde - Jessica's work through Magnet, and now Hexordia alongside literally all the different groups and organizations she's apart of continue to push the positivity of what
Heather Mahalik - Heather's work through SANS and Cellebrite can't be understated, from Tip Tuesday's to helping push the latest and greatest mobile research.