I spoke at the SANS DFIR Summit 2015 on "Customized Google Chrome Forensics with Python" in Austin, TX. My presentation introduced Hindsight, an open source tool (written in Python) for extracting, interpreting, and reporting on Google Chrome artifacts. I went over how to use Hindsight to analyze a user’s Chrome installation, how to write custom plugins to parse specific artifacts, how to integrate Hindsight into a complex investigative workflow, and finally, how to explain all this to a manager in a report.

They recently posted the recording on YouTube; check it out!