Week 33 – 2022

Jessica Hyde at HexordiaCreating Synthetic Test Data Asger SGeolocating IP addresses in Velociraptor Gary Warner at CyberCrime & Doing TimeThree UK-based Nigerian BEC Scammers Used Construction Intelligence Service to Target Victims Joshua I. James at DFIRScienceModular artifact scripts coming to iLEAPP Muhammed AygünBAM/DAM Analizi N00b_H@ck3rLetsDefend: Memory Dumper Oxygen ForensicsExtract Data from OnlyFans App with Oxygen […]

Week 32 – 2022

AxelaratorCloud Recon BelkasoftBelkasoft CTF July 2022: Write-up Carlos at Carlos Cajigas at ‘Mash That Key’Velociraptor Playground 2022-08-02 CloudbrothersUpdate to the Hitchhiker’s Guide to Microsoft Defender for Endpoint exclusions Cyber TriageWhat is a Windows OpenSave MRU Artifact? Yogesh Khatri at DFRWSDFRWS APAC 2022 Call for participation Elcomsoft Windows Hello: No TPM No Security New in Elcomsoft […]

Week 31 – 2022

Andrew RathbunWindows 10 vs. Windows 11, What Has Changed? Cyber TriageWhat is a Microsoft Office Most Recently Used Artifact “MRU” Joseph Moronwi at Digital InvestigatorWindows Memory Dump Analysis With Volatility Doug Metz at Baker Street ForensicsMagnet 2022 CTF – iOS15 Vladimir Katalov at Elcomsoftcheckm8 Extraction: iPhone 7 Elizabeth McPherson at HexordiaJailbreaking iPhone XR with unc0ver […]

Week 30 – 2022

Andrew MalecSecurity Patch/KB Install Date Arsenal ReconCheck out Arsenal Recon’s post Krzysztof Gajewski at CyberDefNerdEasy way to prove that a file was downloaded by a web browser, having only $UsnJrnl logs. Digital Forensics Myanmar Unkown USB Stick  Analysis Smart Watch Forensics Joseph Moronwi at Digital InvestigatorImage OSINT Investigations Dr. Neal Krawetz at ‘The Hacker Factor […]

Week 29 – 2022

Heather Mahalik at CellebriteFinal CTF 2022 Round Up Scott Koenig at DFIR ReviewiOS Location Services and System Services are they ON or OFF Digital Forensics Myanmar eCDFP Module (5) File System Analysis (Part-9)  (NTFS File System Analysis) eCDFP Module (5) File System Analysis (Part-10)  (NTFS File System Analysis) Forensafe Investigating Windows Terminal Investigating Mapped NEtwork […]

Week 28 – 2022

Mark Spencer at Arsenal ReconMaximum Exploitation of Windows Registry Hive Bins Cellebrite Part 2: CTF 2022 Write Up – Heisenberg’s Android Part 3: CTF 2022 Write Up – Marsha’s iOS Device Part 4: CTF 2022 Write Up – Beth’s iOS Device Krzysztof Gajewski at CyberDefNerdStripped off ADS (Zone.Identifier) for files downloaded in the incognito/private mode. […]

This Month In 4n6 – June – 2022

A monthly wrap-up of the DFIR news for June 2022. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes will be found here. Special […]

Week 27 – 2022

The voting for the 2022 Forensic 4Cast Awards has been opened. Thank you everyone that nominated this website, please make sure to cast your votes below!2022 Forensic 4:cast Awards – Voting is now OPEN BlackholdVolcado de memoria con LiME y análisis con Volatility Blake’s R&DA Begginers All Inclusive Guide to ETW DaddycocoamanDumping RSA Certificates with […]

Week 26 – 2022

Patrick Bennett at CrowdStrikeThe Call Is Coming from Inside the House: CrowdStrike Identifies Novel Exploit in VOIP Appliance Cyber Social HubHow To Use ExifTool To Look At Metadata Digital Forensics Myanmar eCDFP Module (5) File System Analysis (Part-6)  (NTFS File System Analysis) OSINT Critical Thinking For Social Media Elcomsoft checkm8 Extraction: the iPads, iPods, and […]

Week 25 – 2022

Lee Whitfield has opened the nominations for the Forensic 4cast awards for another week; get your last minute nominations in now!Forensic 4:cast Awards – Update Didier StevensDiscovering A Forensic Artifact Digital Forensics Myanmar How the Federal Government Buys Our Cell Phone Location Data By  BENNETT CYPHERS  (Myanmar Translation) Solid State Drive (SSD) Structure & Forensics […]