Andrew Rathbun and Eric ZimmermanEZ Tools Manuals Digital Forensics Discord ServerThe Hitchhiker’s Guide to DFIR: Experiences From Beginners and Experts – v1.2 Bill Thompson at OpenTextGetting to know your tools Liu Zhixiangcheckm8提取速查表：iPhone、iPad Derek EiriPractical Linux Forensics & a Mini Linux Forensics CTF David Stenhouse at DS ForensicsMy Time With The Judge ForensafeInvestigating Windows Defender James […]

Ali Alwashali at ‘HackDefend Labs’Sysinternals case writeup Paul Lorentz at CellebriteSmart Flow – A super-charged single step for extractions in UFED 7.60 Domiziana FotiLetsDefend- SOC112 — Traffic to Blacklisted IP Doug Metz at Baker Street ForensicsGroup collections from O365 with PowerShell ForensafeInvestigating iOS FACEBOOK Messenger Haircutfish TryHackMe MITRE Room-Task 3 ATT&CK® Framework TryHackMe MITRE Room- Task 1 […]

Cado Security Enhancing Cado Community Edition with Velociraptor WatchDog Continues to Target East Asian CSPs The Ultimate Guide to Ransomware Incident Response & Forensics Dr. Ali HadiChallenge #7 – SysInternals Case Oleg Afonin at Elcomsoft Advanced Logical Extraction with iOS Forensic Toolkit 8: Cheat Sheet Cloud Forensics: Obtaining iCloud Backups, Media Files and Synchronized Data […]

Blake ReganHow to create a forensic image of a physical hard drive using FTK Imager Alan Flora at CellebriteUsing Pathfinder to Avoid Ethical Dilemmas in Digital Forensics CTF导航 inctf Forensic复现 | Memlabs（下） inctf Forensic复现 | Memlabs（上） 电子取证之NTFS基础 Digital Forensics Myanmar Browser Forensics (Firefox, Chrome, Edge, Opera, Brave) Clear Browsing Data  Forensics (Firefox, Chrome, Edge, Opera, […]

Cado SecurityAnalysing Docker Images in the Cado Platform CTF导航如何基于volatility2构建“新”版本内核的profile DFIR Review Wipeout! Detecting Android Factory Resets An Alternate Location for Deleted SMS/iMessage Data in Apple Devices iOS KnowledgeC.db Notifications Digital Forensics Myanmar Disk Scan (OR) Low Level Enumeration  (NTFS  File System) Zone.idnetifier  In Master File Table (MFT) Joseph Moronwi at Digital Investigator IP Geolocation: A […]

CyberJunnkiePrintNightmare : Memory forensics and Network forensics challenge -> Letsdefend Derek EiriExploring AI Assisted Picture Categorization with Magnet Forensics AXIOM and X-Ways Forensics with Excire, Re: Weapons Digital Forensics MyanmarDisk Scan (OR) Low Level Enumeration  (FAT File System) Erik Hjelmvik at NetresecWhat is a PCAP file? ForensafeInvestigating VirtualBox Haircutfish TryHackMe Volatility — Task 2 Obtaining Memory Samples Secure […]

Krzysztof Gajewski at CyberDefNerdThe $MFT flag that you have never considered before – OneDrive not synchronized files. Mohamed Labib at DetectiveStringsMay svchosts guid you Domiziana FotiLetsDefend- SOC 175- PowerShell Found in Requested URL-Microsoft Exchange Server… ForensafeInvestigating FileZilla Fox-ITI’m in your hypervisor, collecting your evidence InfoSec Write-upsPylirt — Python Linux Incident Response Toolkit Md. Abdullah Al MamunMy Recent […]

John Lukach at 4n6irAmazon Linux Triage for Anyone and Everyone ArcPointGetting started with ALEAPP | ArcPoint Forensics Cyrill Brunschwiler at Compass SecurityTutorial on how to Approach Typical DFIR Cases with Velociraptor ForensafeInvestigating Ouick Access Harel Segev at ‘RAT In Mi Kitchen’The Forensic Value of the (Other) WSH Registry Key Lina Lau at InversecosHow to Investigate […]

Andre Maccarone and John Ailes at AonAmazon Web Services: Exploring the Cost of Exfil CERT-SE CTF2022CERT-SE CTF2022 CyberJunnkieIncident Response LetsDefend : Detecting Web App attack and detecting persistence Forensafe Investigating LogMeIN Investigating ExpressVPN Kathryn HedleyWindows 11 Time Rules Magnet ForensicsSRUM: Forensic Analysis of Windows System Resource Utilization Monitor Carl Purser at OpenTextApple property list parsing with […]

Chris Vance at ‘D20 Forensics’ iOS 16 Breaking Down the Biomes Part 2 – AppInstalls, AppLaunch, & AppIntents iOS 16 – Breaking Down the Biomes (Part 3) – Keeping up with CarPlay iOS 16 – Breaking Down the Biomes (Part 4) – Surfin’ with Safari iOS 16 – Breaking Down the Biomes Part 5 — […]