Week 50 – 2024

John Lukach at 4n6ir: Additional CloudFront Log Formats and Destinations
Paul Lorentz at Cellebrite: Don’t Lose Your Evidence: What’s at Stake with the iOS 18 Changes
Cyber Sundae DFIR: CapabilityAccessManager.db Deep Dive, Part 2
Krzysztof Gajewski at CyberDefNerd: Who Knows What Happened to My Logs? Tracking Event Log Deletion
Django Faiola at ‘Appunti di Informatica Forense’: iOS Foursquare Swarm – […]

Week 49 – 2024

Adam Harrison at 1234n6: Relationship between Microsoft Server and Desktop OS Versions; Available Artifacts – Indicators of Execution Updated
Belkasoft: Mobile Forensics Cheatsheet: iOS and Android System Artifacts
John Hyla at Blue Crew Forensics: DEBA / MDPlist Files
Decrypting a Defense: Strava and Data Brokers, Tech Eulogies, Social Media and the Fourth Amendment, the Future of Legal AI-d […]

Week 48 – 2024

Adam Messer: Cloud Digital Forensics and Incident Response — Elastic Kubernetes Service Takeover Leads to…
Belkasoft: Document Forensics with Belkasoft X
CTF导航: Reverse Engineering iOS 18 Inactivity Reboot
Tonmoy Jitu at Denwp Research: Unexplored LOLBAS Technique: Wevtutil.exe
DFIR Insights: Mastering Sysmon e-book release
Forensafe: Investigating Android Firebase Cloud Messaging
Nicholas Dubois at Hexordia: iOS Inactivity Reboot
Salvation DATA: Key Benefits of Disk Imaging for […]

Week 47 – 2024

Akash Patel: Microsoft 365 Security: Understanding Built-in Detection Mechanisms and Investigating Log Events; Memory Forensics Using Strings and Bstrings || MemProcFS/MemProcFS Analyzer: A Comprehensive Guide; Unveiling Volatility 3: A Guide to Installation and Memory Analysis on Windows and WSL; “Step-by-Step Guide to Uncovering Threats with Volatility: A Beginner’s Memory Forensics…; Source of Logs in Azure(P4:- […]

Week 46 – 2024

David Spreadborough at Amped: Protecting Evidence: Lossless Data Extraction in Forensic Video Conversion
Atola Technology: Unveiling Tomorrow: New Technologies in Hard Drives
Chris at AskClees: Chrome Visited Links
Krzysztof Gajewski at CyberDefNerd: RunMRU is not the only one forensic artifact left by the “Run” Prompt
Dr. Neal Krawetz at ‘The Hacker Factor Blog’: SEAL of Approval
Forensafe: Solving Cellebrite CTF 2024 […]

Week 45 – 2024

David Spreadborough at Amped: Behind the Screen: Codecs and Formats Unveiled
David Haddad at Breakpoint Forensics: Samsung Secure Health Data Parser — A Forensic Tool for Parsing & Analyzing Samsung Secure Health Databases
Cyber Sundae DFIR: CapabilityAccessManager.db Deep Dive, Part 1
Denis Szadkowski, Paul van Ramesdonk, Maike Orlikowski and Johann Aydinbas at DCSO CyTec: Unransomware: From Zero to Full […]

Week 44 – 2024

Krzysztof Gajewski at CyberDefNerd: Windows Artifacts: Analyzing the USN Journal on a Live System
Clint Marsden at DFIR Insights: Quick Fixes for plaso / Log2timeline Error: Key Troubleshooting on Ubuntu
Dr. Neal Krawetz at ‘The Hacker Factor Blog’: Account Payable Phishing Attacks; C2PA and the All Adobe Show
Forensafe: Solving Cellebrite CTF 2024 (Felixs’ iOS)
Magnet Forensics: That one […]

Week 43 – 2024

Oleg Afonin at Elcomsoft: When Speed Matters: Imaging Fast NVMe Drives
Forensafe: Investigating Android Gboard
Magnet Forensics: The importance of PowerShell logs in digital forensics; ShimCache vs AmCache: Key Windows Forensic Artifacts
Faan Rossouw at Active Countermeasures: Malware of the Day – Specula
Adam Goss: Collection Management Framework Template (+FREE Download)
Assaf Morag at Aqua: Threat Alert: TeamTNT’s Docker Gatling […]

Week 42 – 2024

CyberJunnkie: Hackathon 24 Prequalifiers: Forensics Challenge “hacked” First blood Team deathstrik3
Dr. Neal Krawetz at ‘The Hacker Factor Blog’: C2PA and Authenticated Disinformation
Vladimir Katalov at Elcomsoft: Outlook Forensic Toolbox Helps Access Deleted Messages
Forensafe: Investigating Android Life360
Magnet Forensics: Unraveling the clues: RDP artifacts in incident response; 5 iOS forensics evidence sources to capture before they expire
Matt […]

Week 41 – 2024

Belkasoft: Case Study: From Hidden Databases to Key Evidence with Belkasoft X’s SQLite Viewer
Cyber Sundae DFIR: Capability Access Manager Forensics in Windows 11
Krzysztof Gajewski at CyberDefNerd: Linux Artifacts: Timestamps of Last SUDO Command Execution
Decrypting a Defense: Secure Messaging, Accessing Locked Phones, Retention of Seized Devices, Software Source Code, & More
Dr. Neal Krawetz at ‘The Hacker […]