2020 is finally over! How lucky we are to see the day (no seriously, really grateful, could have been a lot worse). Not that we’re out of the woods yet, but hopefully 2021 is a lot brighter for a lot of people. The year didn’t start off easy in Australia with the fires that caused […]
Last weekly post of the year! I’m still planning an end of year wrap up post, and the podcast though so still a bit more work to do 🙂 Marco Fontani at AmpedHow to Use Amped Authenticate Video PRNU to Check Whether a Video and Some Images Are From the Same Camera Andrea Fortuna at […]
FOR308 is now available OnDemand, read more about it here! Andrea Fortuna at ‘So Long, and Thanks for All the Fish’Mobile forensics: how to identify suspect network traffic Dr. Neal Krawetz at ‘The Hacker Factor Blog’iPhone Pictures Tegan Parsons at First ResponseThe evidence shows that… Vishva Vaghela at Hacking ArticlesComprehensive Guide on Autopsy Tool (Windows) […]
Andrea Fortuna at ‘So Long, and Thanks for All the Fish’OSX Forensics: a brief selection of useful tools Shafik Punja guest post on Arsenal ReconArsenal Image Mounter (AIM) Walkthrough Atropos4n6How to use Partition%4DiagnosticParser Bryan Ambrose at Data DigitallyApple Pattern of Life Lazy Output’er (APOLLO) on Windows Heather Mahalik at CellebriteNavigating The Analyzed Data Modal In […]
Bill Stearns at Active CountermeasuresWhere Do I Put My Zeek Sensor? Andrea Fortuna at ‘So Long, and Thanks for All the Fish’How to extract forensic artifacts from Linux swap Atropos4n6Are you sure you extract all the available Volume Serial Numbers (VSNs) that reside in the Windows 10 Event Log “Microsoft-Windows-Partition%4Diagnostic.evtx”? Blue Team BlogSIEM – Use […]
A monthly wrap-up of the DFIR news for November 2020. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes can be found here. Special […]
Alexander JägerGarmin .Fit file Forensics Andrea Fortuna at ‘So Long, and Thanks for All the Fish’iOS Forensic: full disk acquisition using checkra1n jailbreak Heather Mahalik at CellebriteKeyword Searching in Cellebrite BlackLight Content Search Cheeky4n6MonkeyiOS14 Maps History BLOB Script Giuseppe Scalzi at Compass SecurityThe “Volatility Triage App” for Splunk Danny Henderson JrSANS Community CTF November — Network Challenge […]
Chris at AskCleesSQLite Databases at hex level Craig Ball at ‘Ball in your Court’The Metadata Vanishes DFIR Review How Android Bluetooth Connections Can Determine if a Driver had Their Hands on the Wheel During an Accident Can Google Takeout Location Data Be Trusted? How to Use iOS Bluetooth Connections to Solve Crimes Faster Can You […]
Andrea Fortuna at ‘So Long, and Thanks for All the Fish’Linux Forensics: Memory Capture and Analysis Heather Mahalik at CellebriteHow To Use Cellebrite Physical Analyzer’s New Cloud Feature Dany at DigitellaWireshark for Network Forensics! Deepak KumarDigital Forensics Corner 1 Elcomsoft iOS 14.2, iOS 12.4.9, the Updated checkra1n 0.12 Jailbreak and File System Extraction Elcomsoft and […]
Heather Mahalik at CellebriteHow To Isolate And Filter Volume Shadow Copies In Cellebrite Blacklight Chris HoganDigital Forensic Efficiencies and Effectiveness with AWS and Open Source Elcomsoft Breaking Intuit Quicken and QuickBooks Passwords in 2021 Protecting iMessage Communications Forensic Focus Research Roundup: Communicating Uncertainty In Digital Forensics Results Automated Control Logic Forensics In Industrial Control Systems […]
