Week 22 – 2021

Voting for the annual Forensic 4cast Awards has opened! Thank you Lee for your tireless efforts yet again. Congratulations to everyone that was nominated for an award, and thank you everyone for nominating this website as one of the “Resource of the Year” finalists, against very worthy competition. Of course, I’d be happy to take […]

Week 21 – 2021

Andrea Fortuna at ‘So Long, and Thanks for All the Fish’iLEAPP: an iOS logs, events, and plists parser Angry-Bender’s blog houseNegative Decimal DWORD to Human Format BelkasoftBelkasoft CTF May 2021: Write-up Elcomsoft A Tale of One iPhone Backup Password The File System Dirty Bit Guide: Forensically Sound Extraction of iPhone 5s, 6, 6s and SE […]

Week 20 – 2021

Andrea Fortuna at ‘So Long, and Thanks for All the Fish’iOS Forensics: how to perform a logical acquisition with libimobiledevice Ashley PearsonVolatility 3 Cheatsheet Doug Metz at Baker Street ForensicsCollecting from Microsoft Teams using PowerShell Jess Garcia at DS4N6[BLOG]  DS4N6 – The Road So Far – Part II, by  Jess Garcia Forensafe Windows Wireless Networks […]

Week 19 – 2021

Angry-Bender’s blog houseDFIR Playbook – Windows Forensics(WIP APR21) John Walther at Carpe IndiciumCleaner Office365 logs with Excel and Magnet Custom Artifact Generator Heather Mahalik at CellebriteUFED Fundamentals Matter – You Asked, We Answered Dexter Morgan at Data ForensicsHow to Find Who Deleted Records in SQL Server? Perfect Workarounds Dr. Neal Krawetz at ‘The Hacker Factor […]

This Month In 4n6 – April – 2021

A monthly wrap-up of the DFIR news for April 2021. Special thanks to guest host Chapin Bryce, who offered to share his thoughts this month since I wasn’t able to put the podcast together. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that […]

Week 18 – 2021

Alexis BrignoniIdentifying the Android Operating System Version thru UsageStats Didier StevensQuickpost: Decrypting Cobalt Strike Traffic Forensafe Investigating Windows Services Investigating Internet Explorer Web Browser Kyle SongBlog #28: IPv6 in TeamViewer(v15) part 2. [EN] Jamie McQuaid at Magnet ForensicsVirtualizing Your Forensics Lab in the Cloud Part 5: Securing Your Evidence in Microsoft Azure Meisam Eslahi at […]

Week 17 – 2021

Lukasz D at Compass SecurityStraightforward Mobile Forensics DS ToolsWhatsApp in Plain Sight: Where and How You Can Collect Forensic Artifacts DS4N6 The DS-DFIR (Data Science for DFIR) Trip Starts… Jump In! Try the ds4n6_lib in the Cloud in minutes What is the DS4N6 Library (ds4n6_lib)? New DS4N6 library (ds4n6_lib) released! Erik Hjelmvik at NetresecAnalysing a […]

Week 16 – 2021

Alexis Brignoni at ‘Initialization Vectors’Android version without the build.props file SANSFOR509: Enterprise Cloud Forensics and Incident Response Barnaby SkeggsLSASS.DMP… Attacker or Admin? James Smith at DFIR MadnessCase 001 Super Timeline Analysis Kevin Pagano at Stark 4N6 BloomCon 0x05 Networks CTF – Who Am I? (Challenge 1) BloomCON 0x05 Networks CTF – Exfiltration Investigation (Challenge 2) […]

Week 15 – 2021

Andrea Fortuna at ‘So Long, and Thanks for All the Fish’Android Triage: a really useful forensic tool by Mattia Epifani BelkasoftInvestigating the Dropbox Desktop App for Windows with Belkasoft X Dr. Neal Krawetz at ‘The Hacker Factor Blog’All Spam All The Time Oleg Afonin at ElcomsoftBreaking RAR5 and 7Zip Passwords Kevin Pagano at Stark 4N6BloomCon […]

Week 14 – 2021

Arman Gungor at MetaspikeInvestigating Message Read Status in Gmail & Google Workspace Brian MaloneyYour AV is Trying to Tell You Something: Registry CCL SolutionsUpdated RabbitHole software sets new standard for forensic data exploration tools David Via and Scott Runnels at Fire Eye Threat ResearchBack in a Bit: Attacker Use of the Windows Background Intelligent Transfer […]