How the **** do I do that? Making 300+ forensic parsers easily accessible

Name: How the **** do I do that? Making 300+ forensic parsers easily accessible
Start: 2026-01-31T10:15:00
End: 2026-01-31T10:15:00
Location: UB4.132

UB4.132 | Day 2 | 10:15 - 10:45 | Speakers: Erik Schamper, Lennart Haagsma

Copy link

Copy link

Open in browser

Notes

Abstract

Fox-IT's Dissect has a huge collection of features and parsers, but what does it take to maintain those and, more importantly, make them easily usable and accessibly to analysts? Wondered how we made recursive hypervisor analysis a hell of a lot easier? Or why it's so ridiculously easy to build custom tools on top of Dissect? Join us as we take you on a tour of some of the features of Dissect, as well as the challenges that come with maintaining it.

Attachments

Speakers

Erik Schamper

Lennart Haagsma

Lennart Haagsma works as an Incident Responder for Fox-IT in the Netherlands

External Links

Notice: The placeholder video image is licensed under CC BY-SA 4.0. The original image can be found hereChanges made to the image are: Cropped the image to a new ratio, part of the image was cut off.