Cado SecurityInvestigating AWS ECS with Cado Response Chris Vance at ‘D20 Forensics’[Air]Tag You’re It! DFIR Review Ain’t That a Kik in the Head: Kik Messenger iOS Analysis Case Study: Forensic Analysis of TikTok on iOS Oleg Afonin at ElcomsoftDecrypting Password-Protected DOC and XLS Files in Minutes ForensafeInvestigating Foxit Reader Erik Schamper at NCC GroupA brief […]

Joshua James at DFIRScience Getting started in DFIR: Conferences and Workshops Oculus Quest 2 First Impressions and Research Notes DiabloHornFirewall analysis: A portable graph based approach Didier Stevens.ISO Files With Office Maldocs & Protected View in Office 2019 and 2021 Oleg Afonin at ElcomsoftUnlock WordPerfect and Lotus Documents with Advanced Office Password Recovery Brian Bahtiarian, […]

Christopher Romano and Vaishnav Murthy at CrowdStrikeCloudy with a Chance of Unclear Mailbox Sync: CrowdStrike Services Identifies Logging Inconsistencies in Microsoft 365 Krzysztof Gajewski at CyberDefNerdWhy do the battery use and the battery level matter during the investigation? Oleg Afonin at ElcomsoftWindows 11 TPM Protection, Passwordless Sign-In and What You Can Do About Them ForensafeInvestigating […]

Ahmed MusaadAnalyse Large Log Files Using ELK Andrew MalecAnyDesk Remote Access Benjamin Bruppacher at Compass SecurityVPN Appliance Forensics Dr Brian Carrier at Cyber TriageCyber Triage Lite – Analyzing User Activity Oleg Afonin at ElcomsoftSimplifying Digital Triage with Bootable Forensic Tools ForensafeInvestigating Page File URL’s Forensic-Research[논문리뷰] 이메일 원격지 압수·수색의 적법성에 관한 소고 – 대법원 2017.11.29. 선고 […]

Andy SmithForensic Analysis of Citymapper for Android Belkasoft BelkaCTF “Kidnapper Case” write-up The case of a missing girl and the power of a memory dump ForensafeInvestigating Logon Banner Geri at ‘4n6 Ninja’(Air)Dropping some Knowledge: Using  RLEAPP to Identify the Phone Number Used in an AirDrop Transfer Google Workspace UpdatesView more information on email delegate activity […]

Amber Schroader at Cyber Social HubExpectations of Facebook Data Dr. Brian Carrier at Cyber TriageCyber Triage Lite – Network, Disk Image, and Memory Inputs Krzysztof Gajewski at CyberDefNerd Battery charge level and its importance in forensics investigations. Quick analysis of the Internet Download Manager history using RegRipper plugins. Digital Forensics MyanmarFTK Imager ကိုဘာလို့နမူနာထားပြတာလဲ ForensafeInvestigating Windows […]

Kevin Ripa at SANSThe Truth About USB Device Serial Numbers – (and the lies your tools tell) Kibaffo33Decoding Vaulty Dr. Neal Krawetz at ‘The Hacker Factor Blog’Information Warfare ForensafeInvestigating ThumbCache Forensic-ResearchVirtualBox 가상머신의 메모리 덤프 추출 Magnet Forensics Analysis of Hikvision Date/Time DFIR in Zero-Trust Environments: Utilizing AXIOM Cyber for Remote Collection with Zscaler Data Recovery […]

Kevin RipaThe Truth About USB Device Serial Numbers – (and the lies your tools tell) BelkasoftWhy RAM dumping is so important and what tool to use? CellebriteIsolating Devices to Preserve Evidence Cheeky4n6MonkeyMonkey Attempts To Digest Some Google Takeout (DetectedActivitys) Digital Forensics MyanmarCHFI-V10-Dark Web-Note ForensafeInvestigating Windows Recycle Bin Herbie Zimmerman at “Lost in Security”2022-02-26 Quick Post […]

Abdallah Elnoty2019 Defcon DFIR CTF Write-up (Memory Forensics) Camille LoreParsing Google Voice Search CellebriteCellebrite Announces Fourth Quarter and Full Year 2021 Results Dr. Neal Krawetz at ‘The Hacker Factor Blog’Three Minute Forgeries Elcomsoft Dude, Where Are My Messages? GPU Acceleration On The Cheap: Using Affordable Video Cards to Break Passwords Faster ForensafeInvestigating PowerShell InfoSec Write-ups […]