Week 42 – 2020

Jason Jordaan, one of my FOR308 coauthors, has shared his thoughts about our class. You can take the class with Jason at DFIRCON in November! Why should you take the FOR308: Digital Forensics Essentials? We answer this question and more. Building a House on Sand – Why Foundational Knowledge and Skills in Digital Forensics are […]

Week 41 – 2020

Andrea Fortuna at ‘So Long, and Thanks for All the Fish’How to extract sysdiagnose logs for forensic purposes on iOS Basis TechnologyIntro to DFIR: The Divide and Conquer Process (3 hours) Joshua James at Digital Forensic ScienceHex editors and data structures Elcomsoft Apple Mobile Devices Cheat Sheet Mobile Forensics: Are You Ready for iOS 14? […]

Week 40 – 2020

Abhiram KumarIntro to Linux memory forensics Cellebrite 5 Things To Look For When Investigating Cryptocurrency Crimes Cellebrite Physical Analyzer’s New Consolidated Messages Approach Chris Vance at ‘D20 Forensics’iOS – Tracking Bundle IDs for Containers, Shared Containers, and Plugins Craig Ball at ‘Ball in your Court’The Case for Native, I Swear Joshua James at Digital Forensic […]

This Month In 4n6 – September – 2020

A monthly wrap-up of the DFIR news for September 2020. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes can be found here. Special […]

Week 39 – 2020

Geri at ‘4n6 Ninja’Sharing is Caring – An Overview of Shared Albums in iOS Atropos4n6Has the user logged into this account, or not? (Google Chrome’s Web Data-Part 2) Bryan Ambrose at Data Digitally Video and Image Analysis – Authentication Microsoft Teams artifacts and chat logs Alex Caithness at CCLHang on! That’s not SQLite! Chrome, Electron […]

Week 38 – 2020

Alexis Brignoni at ‘Initialization Vectors’It’s alive! – Attachment links in Discord Abhiram KumarGetdents – Insomni’hack teaser 2020 Atropos4n6Has the user logged into this account, or not? (Google Chrome’s Login Data-Part 1) Alexi Michaels at CellebriteValidating Artifacts with Cellebrite BlackLight Chris Vance at ‘D20 Forensics’ macOS – Safari Preferences and Privacy iOS 14 – First Thoughts […]

Week 37 – 2020

We’re finishing up with Beta 2 for FOR308, and the course is scheduled to run next at DFIRCON in November. If you’re looking for an introductory DFIR class then look no further! As always, thanks to those who give a little back for their support! AbdulRhman Alfaifi at U0041Certutil Artifacts Analysis Atropos4n6Artifacts of Dropbox Usage […]

Week 36 – 2020

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. This will be her last week, I can’t thank her enough for the assistance as the workload for the blog has just gone through the roof. With everything in life at the moment I don’t think the summaries will be coming […]

Week 35 – 2020

FOR308 Beta 2 is getting closer, starting September 8th! As this is a beta this is run at a discounted price before it goes live. You can register here! Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, thanks to those who give a little back for their […]