Akash Patel Proxies in DFIR– Deep Dive into Squid Log & Cache Forensics with Calamaris and Extraction… BPF Ninja: Making Sense of Tcpdump, Wireshark, and the PCAP World Brian MaloneyOneDriveExplorer now supports Microsoft.FileUsageSync.db Christopher Eng at Ogmini Reading up on Volatility Pearson – Cyberattack Volatility3 – Windows 11 24H2 Memory Dump issues? WinFE Training – […]

Akash Patel Linux File System Analysis and Linux File Recovery: EXT2/3/4 Techniques Using Debugfs, Ext4magic &… Understanding Linux: Kernel Logs, Syslogs, Authentication Logs, and User Management Alexander Fehrmann at AmpedForensic Shoeprint Documentation and Analysis with Amped FIVE Atola TechnologyTips for Finding Evidence on Linux File Systems & Storage Devices Christopher Eng at Ogmini Revisiting ShimCache/AmCache […]

Adam at HexacornMinority (forensic) report aka defending forward w/o hacking back Akash Patel Creating a Timeline for Linux Triage with fls, mactime, and Plaso (Log2Timeline) Understanding Linux Service Management Systems and Persistence Mechanisms in System Compromise Timestomping in Linux: Techniques, Detection, and Forensic Insights BelkasoftSkype Forensics Postmortem: Why DFIR Specialists Should Still Care Christopher Eng […]

Akash Patel Understanding Rootkits: The Ultimate Cybersecurity Nightmare and Direct Kernel Object Manipulation Understanding Userland Hooks and Rootkits in Real-World Investigations Extracting Memory Objects with MemProcFS/Volatility3/Bstrings: A Practical Guide Disk Imaging (Part 1) : Memory Acquisition & Encryption Checking Digital Forensics (Part 2): The Importance of Rapid Triage Collection — Kape vs FTK Imager Amped Forensic Fingerprint Analysis: […]

Akash Patel P13 Analyzing Safari Browser, Apple Mail Data and Recents Database Artifacts on macOS Intrusion Analysis and Incident Response on macOS: File Quarantine, Antivirus Mechanisms, and… P14 Using APOLLO for macOS investigation Christopher Eng at Ogmini Expectations vs Reality – Digital Forensic Science Master’s Degree Part 7 David Cowen Sunday Funday Challenge – Browser […]

Akash Patel Making Sense of macOS Logs(Part1): A User-Friendly Guide A Curious Case with SentinelOne: Same Rule, Different Behavior? P11 macOS Tracking Users Activity, Autoruns and Application-Level Firewall and Forensic Insights Bayaz NetDetection — Evidence Of Execution In Linux? Manny Kressel at BitmindzApple T2 Chip and Silicon Mac Acquisition using NBFTools NETRE Ben Bowman at Black Hills […]

Akash Patel Understanding Partitioning Schemes, FileVault 2 and macOS Encryption: A User-Friendly Guide P5: Exploring macOS Extended Attributes: The Hidden Metadata You Didn’t Know Existed || P6… P7 macOS File System Events: The Power of Spotlight Christopher Eng at Ogmini CISSP – Stalled Zeltser Challenge – Third Month Accomplishments CISSP – Domain 3 David Cowen […]

Amnesty International Security LabJournalists targeted with Pegasus spyware Andrew MalecGenerate custom profile using btf2json BelkasoftWindows Registry Forensics: Analysis Techniques Christopher Eng at Ogmini Expectations vs Reality – Digital Forensic Science Master’s Degree Part 6 GaslitPad – DNS Communication David Cowen Sunday Funday Challenge – SSH Artifacts in Windows 11 SSH Artifacts in Windows 11 – […]

Jessica Hyde at Forensic MagData Preservation on Mobile Devices: The Quicker, The Better Akash Patel Investigating Firefox Browser Forensics: A Forensic Guide/Browser analysis Book Firefox Privacy Settings and Firefox Extensions as well as synchronization: A Forensic Deep Dive Browser Credential Storage and Forensic Password Recovery Forensic Analysis (Investigating downloads, Browsers Bookmark, Extensions) of Microsoft Edge… […]

Akash Patel Firefox Cache: A Forensic Perspective include parsing Firefox Cookies/ Download History/ Auto-Complete Data : A Forensic Perspective Christopher Eng at Ogmini Wide World of DFIR Magnet Virtual Summit 2025 CTF – AAR “Pigs in a Blanket” Magnet Virtual Summit 2025 CTF – AAR “Dressing, with a dash, of 17 spices” Magnet Virtual Summit 2025 […]