Thanks to everyone that voted for this site for “Resource of the Year”. Congratulations to all of the winners!2021 Forensic 4:cast Awards – Results Alexis Brignoni at ‘Initialization Vectors’vLEAPP – Vehicle Logs Events And Properties Parser Howie Shia at Amnesty InternationalForensic Methodology Report: How to catch NSO Group’s Pegasus Bill Marczak, John Scott-Railton, Siena Anstis, […]

Amber Schroader at Paraben CorporationTikTok Smartphone Evidence Marco Fontani at AmpedHow Can I View and Show the Date and Time of a CCTV Video File? AmrChapter 7 – Registry Analysis Chris Vance at ‘D20 Forensics’ iOS – Tracking Device Migration Android – Tracking Device Migration Oleg Afonin at Elcomsoft Analyzing Microsoft Timeline, OneDrive and Personal […]

Andrea Fortuna at ‘So Long, and Thanks for All the Fish’iOS Forensics: how to perform a logical acquisition with libimobiledevice Ashley PearsonVolatility 3 Cheatsheet Doug Metz at Baker Street ForensicsCollecting from Microsoft Teams using PowerShell Jess Garcia at DS4N6[BLOG]  DS4N6 – The Road So Far – Part II, by  Jess Garcia Forensafe Windows Wireless Networks […]

Alexis BrignoniIdentifying the Android Operating System Version thru UsageStats Didier StevensQuickpost: Decrypting Cobalt Strike Traffic Forensafe Investigating Windows Services Investigating Internet Explorer Web Browser Kyle SongBlog #28: IPv6 in TeamViewer(v15) part 2. [EN] Jamie McQuaid at Magnet ForensicsVirtualizing Your Forensics Lab in the Cloud Part 5: Securing Your Evidence in Microsoft Azure Meisam Eslahi at […]

Nominations for the 4Cast Awards have opened again! Get your nominations in early!Lee has done a fantastic job for over a decade getting this together and his work is very much appreciated.Please make sure you nominate everyone who had an impact on you throughout 2020 to show your appreciation for them!2021 Forensic 4:cast Awards – […]

Also I’ll be delivering a SANS @Mic talk this Wednesday, 17 February at 1PM AEDT (2AM UTC, sorry!). The talk is aimed at people new to the field, talking about how to get started learning about digital forensics by testing and experimenting. You can register here Andrea Fortuna at ‘So Long, and Thanks for All […]

ThinkDFIRMetaspike CTF – Week 5 – “Spot the DFIRence” Abhiram’s Blog Mr EvilPepo [series] – TrollCAT CTF 2021 S3cr3t – TrollCAT CTF 2021 Andrea Fortuna at ‘So Long, and Thanks for All the Fish’Windows registry Transaction Logs in forensic analysis Brian MaloneyYour AV is Trying to Tell You Something: rawlog.log DFIR Review Extracting and Decrypting […]

Jessica Hyde at Magnet ForensicsAndroid Motion Photos in Magnet AXIOM Doug Metz at Baker Street ForensicsForensic Imaging a Microsoft Surface Pro Brian MaloneyYour AV is Trying to Tell You Something: tralog.log Matt Goeckel at CellebriteHow to Use The Project Tree and Analyzed Data in Cellebrite Physical Analyzer to Find Data Fast Chris Vance at ‘D20 […]

Jordan Drysdale at Black Hills Information SecurityA Sysmon Event ID Breakdown Brian MaloneyYour AV is Trying to Tell You Something: Log Lines Deagler’s 4n6 BlogAn Android Casting (Device) Story: “cast.db” Kovar & Associates UAV THREATS TO THE OIL AND GAS INDUSTRY PART 1: THE THREAT IS REAL UAV THREATS TO THE OIL AND GAS INDUSTRY […]

FOR308 is now available OnDemand, read more about it here! Andrea Fortuna at ‘So Long, and Thanks for All the Fish’Mobile forensics: how to identify suspect network traffic Dr. Neal Krawetz at ‘The Hacker Factor Blog’iPhone Pictures Tegan Parsons at First ResponseThe evidence shows that… Vishva Vaghela at Hacking ArticlesComprehensive Guide on Autopsy Tool (Windows) […]