Offline AI—built for DFIR BelkaGPT saves you days of manual review and reporting: – Transcribes audio and video– Describes and classifies pictures– Searches for similar faces– Answers questions about case data– Understands over 100 languagesLet AI ease your workload! Grab a 30-day free license of Belkasoft X with BelkaGPT Sponsored by Belkasoft Christian PeterShall I […]

Mobile Forensics Cheatsheet Mobile devices track vast amounts of user activity—often a goldmine of forensic evidence: – Device information– Application usage– Bluetooth and Wi-Fi connections– …and other events, often paired with timestamps Our cheatsheet categorizes these records and maps them to exact locations in iOS and Android extractions. Download Belkasoft’s free cheatsheet for mobile system […]

Belkasoft X v2.10: More Evidence. Less Manual Effort. – Acquisition support for 40+ new Android devices– Deeper artifact extraction from Discord, Snapchat, iOS Biome, and more– Magnet Axiom (.mfdb) case import– Conversation context support and smarter artifact search in BelkaGPT– Built-in facial recognition for person-of-interest search Request your trial of Belkasoft X today Sponsored by […]

Try Belkasoft X with BelkaGPT—Free 30-Day Trial One platform for computer, mobile, cloud, car, and drone forensics. – Support for 1,500+ artifact types out of the box– Advanced tools for data search, visualization, and deep dives into source files– BelkaGPT—offline AI for media analysis and evidence search with natural language Learn more at belkasoft.com Sponsored […]

Belkasoft X v2.10 Is Here—With Smarter AI Assistant – BelkaGPT now holds context—ask follow-up questions without restating your query– Import Magnet Axiom (.mfdb) cases directly for AI analysis– Similar face search and grouping across pictures, no external tools needed– Timestamped transcriptions in audio and video help pin statements to exact moments  Request your trial of […]

No sponsor this week. If your organisation is interested, head over here to find out more. Chamindu PushpikaScattered Spider Uncaged – The AB Projekt Blue Investigation Elcomsoft Perfect Acquisition: The True Physical Acquisition Forensic Analysis of Windows 10 and 11 Event Logs Magnet ForensicsWindows Forensics: Understanding and Analyzing Pagefile.sys Artifacts Marco Neumann at ‘Be-binary 4n6’ BUBBLES!!! BUBBLES! […]

No sponsor this week. If your organisation is interested, head over here to find out more. Atola TechnologyMaster Your Drives with MultiDrive BerlaEstablishing Occupant Actions & Involvement Elcomsoft Choosing the Right Strategy: Cold Boot Forensics vs Live System Analysis Perfect Acquisition With Passcode Unlock for A8/A8X Devices Investigating Windows Registry ForensafeiOS Geolocation Jordan MussmanMac Forensics in 2026 […]

No sponsor this week. If your organisation is interested, head over here to find out more. Chris at AskCleesDecrypting Threema4.db Mike Wilkinson at Cyber TriageConfiguring Your System for IR: Windows Logging Derek EiriExploring frame-counts-galore and hashing pixel data Oleg Afonin at ElcomsoftLive System Analysis: Mitigating Interference from Antivirus Tools ForensafeAndroid Threema Kenneth G Hartman at Lucid Truth […]

No sponsor this week. If your organisation is interested, head over here to find out more. BerlaFinding Previous Locations Without Geolocation Data Forensafe Android CoverMe iOS Timezone Information Hideaki Ihara at port139Win 11 25H2 におけるSRUM検証 Matthew PlascenciaLinux Kidnapping Case Maxim SuhanovWindows event logs were cleared, but resurrected in another file! Monty Shyama Freezing the Crime Scene: A […]

No sponsor this week. If your organisation is interested, head over here to find out more. Digital Forensics Myanmar Network Action Predictor (Browser Forensic) SSD Recovery, Limitation and Suggestion Nicholas Dubois at HexordiaThe Secret Header: How iMessage Link Previews “Skip” YouTube Ads Hideaki Ihara at port139 AIによる低レイヤ解析：Ext4/Ext3ディレクトリエントリ削除の論理とバイナリの変容 Windows 11 IME履歴を解き明かす Velociraptor 調査の舞台裏：Windows.Triage.Targets の解析とカスタマイズ 取得対象のダミーファイルを作成する：Test-ForensicCollection.ps1 Matthew PlascenciaDisassemble that […]