Week 48 – 2020

Alexander JägerGarmin .Fit file Forensics Andrea Fortuna at ‘So Long, and Thanks for All the Fish’iOS Forensic: full disk acquisition using checkra1n jailbreak Heather Mahalik at CellebriteKeyword Searching in Cellebrite BlackLight Content Search Cheeky4n6MonkeyiOS14 Maps History BLOB Script Giuseppe Scalzi at Compass SecurityThe “Volatility Triage App” for Splunk Danny Henderson JrSANS Community CTF November — Network Challenge […]

Week 47 – 2020

Chris at AskCleesSQLite Databases at hex level Craig Ball at ‘Ball in your Court’The Metadata Vanishes DFIR Review How Android Bluetooth Connections Can Determine if a Driver had Their Hands on the Wheel During an Accident Can Google Takeout Location Data Be Trusted? How to Use iOS Bluetooth Connections to Solve Crimes Faster Can You […]

Week 46 – 2020

Andrea Fortuna at ‘So Long, and Thanks for All the Fish’Linux Forensics: Memory Capture and Analysis Heather Mahalik at CellebriteHow To Use Cellebrite Physical Analyzer’s New Cloud Feature Dany at DigitellaWireshark for Network Forensics! Deepak KumarDigital Forensics Corner 1 Elcomsoft iOS 14.2, iOS 12.4.9, the Updated checkra1n 0.12 Jailbreak and File System Extraction Elcomsoft and […]

Week 45 – 2020

Heather Mahalik at CellebriteHow To Isolate And Filter Volume Shadow Copies In Cellebrite Blacklight Chris HoganDigital Forensic Efficiencies and Effectiveness with AWS and Open Source Elcomsoft Breaking Intuit Quicken and QuickBooks Passwords in 2021 Protecting iMessage Communications Forensic Focus Research Roundup: Communicating Uncertainty In Digital Forensics Results Automated Control Logic Forensics In Industrial Control Systems […]

This Month In 4n6 – October – 2020

A monthly wrap-up of the DFIR news for October 2020. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes can be found here. Special […]

Week 44 – 2020

Our first (non-beta) run of the FOR308 class is running this week with Jason Jordaan at DFIRCON, very exciting!Why did you developed the SANS FOR308:Digital Forensics Essentials course? Brett Shavers at DFIR TrainingArsenal’s Bypass Data Protection API (DPAPI) Cellebrite How to Use Cellebrite Physical Analyzer’s New Image Classification Feature Stopping criminal activity in prisons with […]