Akash PatelMaster Wireshark tool Like a Pro: — The Ultimate Packet Analysis Guide for Real-World Analysts CCL SolutionsInvestigating PolyBuzz on Android Christopher Eng at Ogmini Remote Desktop Manager – Artifacts Part 6 Random Thoughts – System Naming RDCMan – Verifying DPAPI Activity WinFE Training – Completed RDCMan – Importance of DPAPI Activity SANS – Ransomware Summit 2025 […]

Akash PatelForensic Analysis of SQLite Databases Alexis Brignoni at ‘Initialization Vectors’Extraction, Processing, & Querying Apple Unified Logs from an iOS Device Alexander Fehrmann at AmpedProcessing Impression Evidence in Amped FIVE Brian MaloneyOneDrive Evolution and Schema Updates Christopher Eng at Ogmini DPAPI – Audit DPAPI Activity Remote Desktop Manager – Artifacts Remote Desktop Manager – Artifacts […]

Akash Patel Proxies in DFIR– Deep Dive into Squid Log & Cache Forensics with Calamaris and Extraction… BPF Ninja: Making Sense of Tcpdump, Wireshark, and the PCAP World Brian MaloneyOneDriveExplorer now supports Microsoft.FileUsageSync.db Christopher Eng at Ogmini Reading up on Volatility Pearson – Cyberattack Volatility3 – Windows 11 24H2 Memory Dump issues? WinFE Training – […]

Akash Patel Linux File System Analysis and Linux File Recovery: EXT2/3/4 Techniques Using Debugfs, Ext4magic &… Understanding Linux: Kernel Logs, Syslogs, Authentication Logs, and User Management Alexander Fehrmann at AmpedForensic Shoeprint Documentation and Analysis with Amped FIVE Atola TechnologyTips for Finding Evidence on Linux File Systems & Storage Devices Christopher Eng at Ogmini Revisiting ShimCache/AmCache […]

Adam at HexacornMinority (forensic) report aka defending forward w/o hacking back Akash Patel Creating a Timeline for Linux Triage with fls, mactime, and Plaso (Log2Timeline) Understanding Linux Service Management Systems and Persistence Mechanisms in System Compromise Timestomping in Linux: Techniques, Detection, and Forensic Insights BelkasoftSkype Forensics Postmortem: Why DFIR Specialists Should Still Care Christopher Eng […]

Akash Patel Understanding Rootkits: The Ultimate Cybersecurity Nightmare and Direct Kernel Object Manipulation Understanding Userland Hooks and Rootkits in Real-World Investigations Extracting Memory Objects with MemProcFS/Volatility3/Bstrings: A Practical Guide Disk Imaging (Part 1) : Memory Acquisition & Encryption Checking Digital Forensics (Part 2): The Importance of Rapid Triage Collection — Kape vs FTK Imager Amped Forensic Fingerprint Analysis: […]

Akash Patel P13 Analyzing Safari Browser, Apple Mail Data and Recents Database Artifacts on macOS Intrusion Analysis and Incident Response on macOS: File Quarantine, Antivirus Mechanisms, and… P14 Using APOLLO for macOS investigation Christopher Eng at Ogmini Expectations vs Reality – Digital Forensic Science Master’s Degree Part 7 David Cowen Sunday Funday Challenge – Browser […]

Akash Patel Making Sense of macOS Logs(Part1): A User-Friendly Guide A Curious Case with SentinelOne: Same Rule, Different Behavior? P11 macOS Tracking Users Activity, Autoruns and Application-Level Firewall and Forensic Insights Bayaz NetDetection — Evidence Of Execution In Linux? Manny Kressel at BitmindzApple T2 Chip and Silicon Mac Acquisition using NBFTools NETRE Ben Bowman at Black Hills […]

Akash Patel Understanding Partitioning Schemes, FileVault 2 and macOS Encryption: A User-Friendly Guide P5: Exploring macOS Extended Attributes: The Hidden Metadata You Didn’t Know Existed || P6… P7 macOS File System Events: The Power of Spotlight Christopher Eng at Ogmini CISSP – Stalled Zeltser Challenge – Third Month Accomplishments CISSP – Domain 3 David Cowen […]

Amnesty International Security LabJournalists targeted with Pegasus spyware Andrew MalecGenerate custom profile using btf2json BelkasoftWindows Registry Forensics: Analysis Techniques Christopher Eng at Ogmini Expectations vs Reality – Digital Forensic Science Master’s Degree Part 6 GaslitPad – DNS Communication David Cowen Sunday Funday Challenge – SSH Artifacts in Windows 11 SSH Artifacts in Windows 11 – […]