This week’s post comes courtesy of the free WIFI on the train to Amsterdam. Also, a very extravagantly bearded train ticket inspector saw me watching the Forensic Lunch and stopped to tell me that he thought Matthew has a nice beard. SOFTWARE UPDATES Didier Stevens updated his Python script rtfdump to version 0.0.4 to improve dealing with […]

I’m on holiday in beautiful Tuscany so I’ve had to cut a few things shorter this week and publish a little earlier than usual. I suppose there are worse places to finish a post SOFTWARE UPDATES Blackbag released Macquisition 2016 R1. This update improves RAM acquisition capabilities by adding support for OS X 10.11, as […]

SOFTWARE UPDATES Michael Maurer updated EFetch to Beta 0.5. The update turns EFetch into a file analysis tool for log2timeline. Efetch 0.5 Beta is here! Now all I need is a couple beta testers… Sarah Edwards at Mac4n6 has updated her MacMRU parser to support the ‘Most Recently Used’ artefacts for Microsoft Office for Mac […]

SOFTWARE UPDATES Cellebrite has released version 5.2 of their UFED Physical Analyzer tool (along with UFED Logical Analyzer, UFED/2 and UFED4PC). This update brings with it the ability to obtain some information (pictures and videos from 6 and higher, more information from 5.1.1 and prior) from locked Samsung devices, as well as support for devices […]

SOFTWARE UPDATES Elcomsoft updated their Cloud Explorer product to version 1.10.12742. This version allows examiners to download Gmail data through the Gmail API (which is faster than IMAP) and additional HTML reports. Collecting Evidence From Google Accounts Gets Easier Magnet Forensics recently updated AXIOM to version 1.0.4. This contains the same app support level as […]

SOFTWARE UPDATES Evimetry was updated to version 2.1.2 with some bug fixes and acquisition improvements. Release 2.1.2 Blackbag released Blacklight 2016 R2 with a host of new updates; improved offline maps, additional email parsing and analysis, a new data ingestion user interface and the ability to tear-off the ‘File Content Viewer’ and more. The post […]

 SOFTWARE UPDATES Philippe Lagadec has updated oleobj.py and rtfobj.py in his OLE Tools project to version 0.48. OLE Tools Magnet Forensics updated IEF to version 6.8.1, which mainly includes improved app support and updates, and bug fixes. . Oxygen Forensic has updated their Detective product to version 8.5.0. This includes updated whatsApp and Apple Wallet support, […]

SOFTWARE UPDATES A couple weeks ago Guidance released EnCase 7.13. This is the last update for encase 7. It mainly contained bug fixes. . Exiftool was updated to version 10.23 (development release). This update added some new tags and file support, as well as a new commandline option, and the “ability to geotag only GPS […]

SOFTWARE UPDATES ExfiTool was updated to version 10.22. This update adds read support for BPG images, minor changes to a few of the new Nikon tags and updated the Windows version to include all 10.21 updates. ExifTool 10.22 Andrilla updated to version 2.6.0.1, adding support for several WhatsApp backup databases, GUI improvements, and various bug […]

SOFTWARE UPDATES Cellebrite updated UFED Physical Analyzer to version 5.1.2. This update adds support for the crypt12 WhatsApp backup database and addresses various bug fixes. UFED Physical Analyzer Version 5.1.2 Maintenance Release Oxygen Forensics released an update to their Detective product, now at version 8.4.2, improving support for newer versions of various apps and numerous […]