As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Brian Moran has updated the BriMor Live Response Collection to include many more Mac artifacts including logs and browser history; there’s a few Windows collection updates as well! Live Response Collection – Cedarpelta Danny Garcia at Cellebrite gives an overview […]

Thanks to Lodrina for her contributions As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Richard Frawley at ADF posted a couple of articles this week He describes how to perform a RAM capture Collect RAM on a Live Computer And demonstrates how to use DEI to boot scan […]

Thanks to Lodrina for her work. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Arman Gungor at Metaspike explains the Content-Length header field found in e-mails, as well as how to preserve and use it in an investigation Using the Content-Length Header Field in Email Forensics Cyrill Brunschwiler […]

Had an exciting week in Singapore with the students of the FOR500 Windows Forensics Analysis class and learned a lot about content delivery and teaching from Ovie! Plus a chance to hang out with the other great instructors that were in town. As always, Thanks to those who give a little back for their support! […]

Lodrina’s back! As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Dave Cowen at the ‘Hacking Exposed Computer Forensics Blog’ wrote a couple of posts this week The winner of last week’s Sunday Funday was Tun Naung, who with a little convincing has started a blog where he posted […]

Lee Whitfield has opened up nominations for the Forensic 4cast awards, held during the SANS DFIR Summit. This site has been nominated as blog of the year the last two years running, and it is greatly appreciated if you could take the time to nominate it again. Forensic 4:cast Awards 2019 – Nominations are Open […]

As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Alexis Brignoni at ‘Initialization Vectors’ has released a new script for pulling out plists found embedded within the iOS KnowledgeC database. I came to Alexis with a problem of automating the extraction of these plists and he delivered in spades. […]