AbdulRhman AlfaifiExploring Windows Artifacts : Jumplist Files Akash PatelThe Importance of Memory Acquisition in Modern Digital Forensics Christopher Eng at Ogmini Registry Hive – Data Types Part 6 Registry Hive – Data Types Part 7 DFIR Review – Acceptance on Windows Notepad Research Cleanup / Linting / Updating Registry Hive – Data Types Part 8 […]

Akash PatelJump List Changes in Windows 10 & 11: What You Need to Know Christopher Eng at Ogmini Thinking about that Windows Notepad Windows Notepad – Application Hive Markdown Setting Zeltser Challenge – Sixth Month Accomplishments Windows Notepad – Forced Save on Detecting Manipulation? Windows Notepad – Forced Save Regression Testing Windows Notepad – Markdown […]

Akash PatelForensic Differences Between Windows 10 and Windows 11 Arman Gungor at MetaspikeHow to Prove That An Email Was Received Chris SandersA Standard for Human-Centered Investigation Playbooks Christopher Eng at Ogmini Registry Hive – Data Types Part 4 Windows Notepad – Modifying TabState or WindowState Files Windows Notepad – Windows State Editor Pre-Release BelkaCTF 7 […]

Akash PatelDigging into Google Analytics & HubSpot Cookies for Forensics Christopher Eng at Ogmini Random Thoughts – Implications of MSIX App Containerization 010 Editor – RegistryHive Binary Template Registry Hive – Revisiting Documentation Registry Hive – Data Types Registry Hive – Data Types Part 2 Registry Hive – Data Types Part 3 My Methodology for […]

ThinkDFIRCached screenshots on Windows 11 Akash PatelLet’s Talk About HTTP — The Backbone of the Web (And a Goldmine for DFIR Folks) BelkasoftAutomating Digital Forensic Workflows with Belkasoft X Christopher Eng at Ogmini SSD Forensics – Flex Capacity Expectations vs Reality – Digital Forensic Science Master’s Degree Part 8 Windows Notepad – Recent Files (New Option) Windows […]

Akash Patel Where Do We Begin? A Network Forensic Investigator’s Steps The Silent Journey: A Cautionary Tale in Cyber Risk John Hyla at Blue Crew ForensicsiOS Stream Names Christopher Eng at Ogmini Zeltser Challenge – Fifth Month Accomplishments 2025 New York State Cybersecurity Conference RDCMan – Cracking DPAPI w/mimikatz Windows Notepad Parser – Documentation Update […]

Akash PatelMaster Wireshark tool Like a Pro: — The Ultimate Packet Analysis Guide for Real-World Analysts CCL SolutionsInvestigating PolyBuzz on Android Christopher Eng at Ogmini Remote Desktop Manager – Artifacts Part 6 Random Thoughts – System Naming RDCMan – Verifying DPAPI Activity WinFE Training – Completed RDCMan – Importance of DPAPI Activity SANS – Ransomware Summit 2025 […]

Akash PatelForensic Analysis of SQLite Databases Alexis Brignoni at ‘Initialization Vectors’Extraction, Processing, & Querying Apple Unified Logs from an iOS Device Alexander Fehrmann at AmpedProcessing Impression Evidence in Amped FIVE Brian MaloneyOneDrive Evolution and Schema Updates Christopher Eng at Ogmini DPAPI – Audit DPAPI Activity Remote Desktop Manager – Artifacts Remote Desktop Manager – Artifacts […]

Akash Patel Proxies in DFIR– Deep Dive into Squid Log & Cache Forensics with Calamaris and Extraction… BPF Ninja: Making Sense of Tcpdump, Wireshark, and the PCAP World Brian MaloneyOneDriveExplorer now supports Microsoft.FileUsageSync.db Christopher Eng at Ogmini Reading up on Volatility Pearson – Cyberattack Volatility3 – Windows 11 24H2 Memory Dump issues? WinFE Training – […]

Akash Patel Linux File System Analysis and Linux File Recovery: EXT2/3/4 Techniques Using Debugfs, Ext4magic &… Understanding Linux: Kernel Logs, Syslogs, Authentication Logs, and User Management Alexander Fehrmann at AmpedForensic Shoeprint Documentation and Analysis with Amped FIVE Atola TechnologyTips for Finding Evidence on Linux File Systems & Storage Devices Christopher Eng at Ogmini Revisiting ShimCache/AmCache […]