Lee Whitfield has announced the finalists for this years Forensic 4cast awards. Thanks for everyone that nominated this site for Resource of the Year.Forensic 4:cast Awards 2023 – Voting is now open! ThinkDFIRCPY JMP Brian Maloney at Malware MaloneyOneDrive Evolution ForensafeInvestigating Remote Desktop Connection Event Logs ForensicXlab📦 Volatility3 Windows Plugin : KeePass Invictus Incident ResponseImporting […]

Hexordia What’s brewing with IPAs – Working with IPA files for Forensic Examiners Cloud Storage & Digital Forensic Evidence David Spreadborough at AmpedClosed-Box CCTV Acquisition Using Storage Media Emre Caglar Hosgor at BelkasoftIncident Response with Belkasoft by Emre Caglar Hosgor, SOC Analyst—Specially for Belkasoft Blake Regancheckm8 to SSH Chuan-lun (Johnson) ChouFinding messages in Anonymous Chat […]

Chris Doman at Cado SecurityDFIR with KAPE and Cado Community Edition Darren LimForensic Analysis of Jami for Android, a Peer-to-Peer Messaging Application Decrypting a DefenseAI & Photography, NYC Council Hearing, Geofence Warrants, Search Warrant Returns, & More Michael Hamm at Digital CorporaCIRCL Forensics Exercises Haider at HK_Dig4nsicsiOS Shortcuts InfoSec Write-upsBlackEnergy Memory Forensic Ananlysis Invictus Incident […]

David Spreadborough at AmpedNavigating a CCTV Device and Reviewing Video BlackMambaBlackEnergy Memory Forensic Ananlysis ForensafeInvestigating Adobe Acrobat Reader HaircutfishTryHackMe Wireshark: The Basics — Task 1 Introduction & Task 2 Tool Overview Ian DBoggle-bytes in a Basic Data Partition Entry Markus Tuominen and Mehmet Mert Surmeli at WithSecureUnleashing the Power of Shimcache with Chainsaw N00b_H@ck3rCyberDefenders: AzurePot Phalgun Kulkarni and […]

Chris Doman at Cado SecurityThe Cado Platform Full Export for Forensic Data Lakes Digital Forensics MyanmarCHIP OFF ( Mobile FORENSIC) Domiziana FotiLetsDefend- SOC142 — Multiple HTTP 500 Response Oleg Afonin at ElcomsoftAnalyzing iPhone PINs Forensic Science International: Digital InvestigationVolume 44 JamfThreat advisory: Mobile spyware continues to evolve Mattia Epifani at Zena ForensicsiOS Forensics References: a curated list […]

Ahmed BelhadjadjiWindows Forensics: Event Logs Analysis David Spreadborough at AmpedPublic Submissions of CCTV and Video Evidence Elcomsoft Perfect Acquisition Part 4: The Practical Part Automating DFU Mode with Raspberry Pi Pico Automating Scrolling Screenshots with Raspberry Pi Pico Eric CapuanoCapturing & Parsing Forensic Triage Acquisitions for Investigation Timelining ForensafeInvestigating pCloud Invictus Incident ResponseRansomware in the […]

Andrew MalecIdentification, acquisition, and examination of iSCSI LUNs and VMFS datastores Monica Harris at CellebriteKey Takeaways and Highlights from Legalweek 2023 Chris at AskCleesImporting NSRL V3 hashsets into legacy tools Derek EiriGetting SMART(er) with Information Elcomsoft HomePod Forensics III: Analyzing the Keychain and File System Perfect Acquisition Part 3: Perfect HFS Acquisition ForensafeInvestigating Android Wi-Fi […]

Ahmed BelhadjadjiWindows Forensics: Examine Windows Files and Metadata David Spreadborough at Amped CCTV Recovery How to Use the Validation Tool in Amped FIVE Andrew Skatoff at ‘DFIR TNT’GoToForensics AvananThe Replier Attack Al Carchrie at Cado SecurityIPC YOU: How the Cado Platform Reveals Attacker Command Outputs  Dr. Ali Hadi at ‘Binary Zone’ Challenge #7 – SysInternals […]

Ahmed BelhadjadjiWindows Forensics Challenge Walkthrough (LETSDEFEND) Emma Sousa at Forgotten Nook CyberDefenders – Insider CyberDefenders – L’espion Eric Capuano Find Threats in Event Logs with Hayabusa A “Thank You” to Paid Subscribers So you want to be a SOC Analyst? Part 4 Forensafe Investigating Windows BitTorrent Investigating Windows Avira Antivirus Khris Tolbert at MaverisLabsHTB: CA2023 — Forensics […]

BelkasoftLagging for the Win: Querying for Negative Evidence in the sms.db David Spreadborough at AmpedCCTV Acquisition – Search and Trawl eForensics The Lockbit 3 Black Forensics Analysis: Memory Forensics Modern Approach (Part III) How to Better Prepare for a Memory Forensics Investigation Rooting Androids for Forensics iPhone Forensics Analyzing Malware Mobile Apps with VirusTotal Enterprise […]