New Year, New

2019 is here and the new year brings something with it I’ve wanted to do for a while: re-launch my blog! It has a new look and a new home at I’ve had some big changes in my life: I became a father and I began working at Google on their Digital Forensics team. […]

Investigating Universal Analytics

Two common questions when investigating web browsing are: how long did a user spend on a website, and what actions did they take while on it We have a number of methods of approximating what the user did and how much time they spent on a page, but browser histories just weren’t designed to comprehensively record all that information. Chrome visit […]

Load Balancer Cookie Decoder

Load Balancer Cookies

I was going through my bookmarks and found a write-up from a few years ago on decoding NetScaler load balancer cookies. Adam Maxwell (@catalyst256) wrote a few blog posts describing his process of figuring out how to decode the cookie and finished it off by releasing a Python script that automates his process. It’s always interesting […]

Alexa, Tell Me Your Secrets

The Amazon Echo is a nifty little device that you communicate with via speech – you can ask it to do various tasks and it verbally replies. You preface each command with the trigger word – either “Alexa”, “Amazon”, or “Echo”. The Echo uses the Alexa Voice Service to handle the verbal interactions and Alexa really […]

Hindsight v1.5.0 released + GUI!

Hindsight v1.5.0 Graphical User Interface

I am very excited to announce that Hindsight v1.5.0 is here! Graphical User Interface The core Hindsight functionality continues to see incremental improvements, along with quite a few internal changes to support new features that will appear in subsequent releases. However, the major change is that there is now a graphic interface available for Hindsight, thanks […]