Akash Patel Who’s Using a Proxy or VPN in Your M365 Environment — and Why It Matters Querying Like a Pro in Arkime: Getting the Most Out of Arkime Viewer: Beyond the Basics Why Arkime is a Game-Changer for Network Forensics (and Why It’s Not Just Another Wireshark) Aviv Yaniv at Courisity is a Drug Walk Through […]

Christopher Eng at Ogmini Fun CVE on Trains – Foamers Beware Expectations vs Reality – Digital Forensic Science Master’s Degree Part 9 Hackers N’ Hops CTF Hackers N’ Hops CTF – Part 2 CFP Submission – Finalizing Submission MB x MS Aviv Yaniv at Courisity is a Drug Walk Through Guide for Kusto Detective Agency […]

AbdulRhman AlfaifiExploring Windows Artifacts : Jumplist Files Akash PatelThe Importance of Memory Acquisition in Modern Digital Forensics Christopher Eng at Ogmini Registry Hive – Data Types Part 6 Registry Hive – Data Types Part 7 DFIR Review – Acceptance on Windows Notepad Research Cleanup / Linting / Updating Registry Hive – Data Types Part 8 […]

Akash PatelJump List Changes in Windows 10 & 11: What You Need to Know Christopher Eng at Ogmini Thinking about that Windows Notepad Windows Notepad – Application Hive Markdown Setting Zeltser Challenge – Sixth Month Accomplishments Windows Notepad – Forced Save on Detecting Manipulation? Windows Notepad – Forced Save Regression Testing Windows Notepad – Markdown […]

Akash PatelForensic Differences Between Windows 10 and Windows 11 Arman Gungor at MetaspikeHow to Prove That An Email Was Received Chris SandersA Standard for Human-Centered Investigation Playbooks Christopher Eng at Ogmini Registry Hive – Data Types Part 4 Windows Notepad – Modifying TabState or WindowState Files Windows Notepad – Windows State Editor Pre-Release BelkaCTF 7 […]

Akash PatelDigging into Google Analytics & HubSpot Cookies for Forensics Christopher Eng at Ogmini Random Thoughts – Implications of MSIX App Containerization 010 Editor – RegistryHive Binary Template Registry Hive – Revisiting Documentation Registry Hive – Data Types Registry Hive – Data Types Part 2 Registry Hive – Data Types Part 3 My Methodology for […]

ThinkDFIRCached screenshots on Windows 11 Akash PatelLet’s Talk About HTTP — The Backbone of the Web (And a Goldmine for DFIR Folks) BelkasoftAutomating Digital Forensic Workflows with Belkasoft X Christopher Eng at Ogmini SSD Forensics – Flex Capacity Expectations vs Reality – Digital Forensic Science Master’s Degree Part 8 Windows Notepad – Recent Files (New Option) Windows […]

Akash Patel Where Do We Begin? A Network Forensic Investigator’s Steps The Silent Journey: A Cautionary Tale in Cyber Risk John Hyla at Blue Crew ForensicsiOS Stream Names Christopher Eng at Ogmini Zeltser Challenge – Fifth Month Accomplishments 2025 New York State Cybersecurity Conference RDCMan – Cracking DPAPI w/mimikatz Windows Notepad Parser – Documentation Update […]

Akash PatelMaster Wireshark tool Like a Pro: — The Ultimate Packet Analysis Guide for Real-World Analysts CCL SolutionsInvestigating PolyBuzz on Android Christopher Eng at Ogmini Remote Desktop Manager – Artifacts Part 6 Random Thoughts – System Naming RDCMan – Verifying DPAPI Activity WinFE Training – Completed RDCMan – Importance of DPAPI Activity SANS – Ransomware Summit 2025 […]

Akash PatelForensic Analysis of SQLite Databases Alexis Brignoni at ‘Initialization Vectors’Extraction, Processing, & Querying Apple Unified Logs from an iOS Device Alexander Fehrmann at AmpedProcessing Impression Evidence in Amped FIVE Brian MaloneyOneDrive Evolution and Schema Updates Christopher Eng at Ogmini DPAPI – Audit DPAPI Activity Remote Desktop Manager – Artifacts Remote Desktop Manager – Artifacts […]