Week 20 – 2022

Aditya PratapWindows Triaging with Powershell — Part 2: Artifacts Collection Heather Mahalik at CellebriteCellebrite Capture the Flag – May 2022 Chris at AskCleesDecrypting Mega’s megaprefences Sqlite Database Digital Forensics MyanmareCDFP Module (5) File System Analysis (Part-3) Elcomsoftcheckm8: Unlocking and Imaging the iPhone 4s ForensafeInvestigating UserAssist Kevin Pagano at Stark 4N6 Magnet Virtual Summit 2022 CTF – Egg […]

Week 19 – 2022

4DiscoveryThe Forged PDF ADEO Cyber Security ServicesChupacabra Digital Forensic Training Set 2022 by ADEO DFIR Team Angry-Bender’s blog house Cobalt Strike Decoding Handy DFIR Excel Formulas Yulia Samoteykina at AtolaRAID imaging made easy with Atola TaskForce  CellebriteThe Small Agency Guide to Modernizing Investigations Dan Maunz at CiscoCisco StarOS Forensic Guide Published ForensafeInvestigating Timezone Information Kevin […]

Week 18 – 2022

BelkasoftDealing with encryption within digital forensic and cyber incident response investigations Krzysztof Gajewski at CyberDefNerdArtifacts that you have never analyzed before… namely ETL files. Digital Forensics Myanmar eCDFP Module (5) File System Analysis (Part-1) eCDFP Module (5) File System Analysis (Part-2) Michael Karsyan at Event Log Explorer blogWorking with disk images in Forensic Edition ForensafeInvestigating […]

Week 17 – 2022

Jessica Hyde at Magnet ForensicsAndroid Motion Photos in Magnet AXIOM Aditya PratapWindows Triaging with Powershell — Part 1: Parsing Event Logs Blake’s R&DExtracting Cobalt Strike from Windows Error Reporting Cyber Social HubUnderstanding Tox Chat Dr. Neal Krawetz at ‘The Hacker Factor Blog’Where’s My Stuff? Jess Garcia at DS4N6[BLOG]  ODSC East 2022 – “Data Science for Digital Forensics […]

Week 16 – 2022

Cado SecurityInvestigating AWS ECS with Cado Response Chris Vance at ‘D20 Forensics’[Air]Tag You’re It! DFIR Review Ain’t That a Kik in the Head: Kik Messenger iOS Analysis Case Study: Forensic Analysis of TikTok on iOS Oleg Afonin at ElcomsoftDecrypting Password-Protected DOC and XLS Files in Minutes ForensafeInvestigating Foxit Reader Erik Schamper at NCC GroupA brief […]

Week 15 – 2022

Joshua James at DFIRScience Getting started in DFIR: Conferences and Workshops Oculus Quest 2 First Impressions and Research Notes DiabloHornFirewall analysis: A portable graph based approach Didier Stevens.ISO Files With Office Maldocs & Protected View in Office 2019 and 2021 Oleg Afonin at ElcomsoftUnlock WordPerfect and Lotus Documents with Advanced Office Password Recovery Brian Bahtiarian, […]

Week 14 – 2022

Christopher Romano and Vaishnav Murthy at CrowdStrikeCloudy with a Chance of Unclear Mailbox Sync: CrowdStrike Services Identifies Logging Inconsistencies in Microsoft 365 Krzysztof Gajewski at CyberDefNerdWhy do the battery use and the battery level matter during the investigation? Oleg Afonin at ElcomsoftWindows 11 TPM Protection, Passwordless Sign-In and What You Can Do About Them ForensafeInvestigating […]

Week 13 – 2022

Ahmed MusaadAnalyse Large Log Files Using ELK Andrew MalecAnyDesk Remote Access Benjamin Bruppacher at Compass SecurityVPN Appliance Forensics Dr Brian Carrier at Cyber TriageCyber Triage Lite – Analyzing User Activity Oleg Afonin at ElcomsoftSimplifying Digital Triage with Bootable Forensic Tools ForensafeInvestigating Page File URL’s Forensic-Research[논문리뷰] 이메일 원격지 압수·수색의 적법성에 관한 소고 – 대법원 2017.11.29. 선고 […]

Week 12 – 2022

Andy SmithForensic Analysis of Citymapper for Android Belkasoft BelkaCTF “Kidnapper Case” write-up The case of a missing girl and the power of a memory dump ForensafeInvestigating Logon Banner Geri at ‘4n6 Ninja’(Air)Dropping some Knowledge: Using  RLEAPP to Identify the Phone Number Used in an AirDrop Transfer Google Workspace UpdatesView more information on email delegate activity […]

Week 11 – 2022

Amber Schroader at Cyber Social HubExpectations of Facebook Data Dr. Brian Carrier at Cyber TriageCyber Triage Lite – Network, Disk Image, and Memory Inputs Krzysztof Gajewski at CyberDefNerd Battery charge level and its importance in forensics investigations. Quick analysis of the Internet Download Manager history using RegRipper plugins. Digital Forensics MyanmarFTK Imager ကိုဘာလို့နမူနာထားပြတာလဲ ForensafeInvestigating Windows […]