Why Python Scripting and Reverse Engineering Are Essential Digital Examiner Skills
Special guests: Brooke Gottlieb, Paralegal, Federal Public Defender Office, and Alexis “Briggs” Brignoni, FBI Special Agent
In this episode, Briggs and Brooke will be talking about the new Python group and all the new coding developments in that area.
This all started with Brooke, who, after a few years of digital forensics activity, was advised to start learning Python. Brooke felt the need to exert more control over digital evidence, and she also wanted to do more with the existing data available during investigations. However, she initially thought it was hard to find the time to learn those skills.
When she heard about Alexis’s work and used some of his tools and techniques, she became less intimidated about learning Python. As Alexis taught her, they both realized it would be great if more people could take advantage of this essential learning experience to confidently go past their fears of adding Python to their digital examiners’ skill set.
The three main reasons Brooke attends the Python learning group on Zoom are:
#1—No Time to Wait
Since she doesn’t usually have the time to wait for a digital forensics tool to get an update for a new unsupported app that she needs to parse, she wanted to be able to do that for herself. She also wanted more autonomy when examining evidence for new cases.
By being part of a small Python study group, she is now able to give back to the DFIR community in the way it has given to her.
#3—Learning From Peers
The Python group presents an opportunity to get out of one’s comfort zone and engage with other peers.
The group actively addresses the ongoing question of how the DFIR community can go beyond just being “users” and become “contributors.”
Traditional examiner training is usually focused on a tool in terms of how it is used, the buttons to press, and how to validate data. However, many forward-thinking examiners still lack certain skills that are worth considering. Two examples are the skills of “Python code scripting” and “reverse engineering.”
Find out more about how to leverage Python coding in your career and participate in the Python group during the podcast.