I would like to mention that my site is not a replacement for reading the actual material. I just write a brief summary of the article (or just mention it) and use the site search when I need to jog my memory. Anyone that would like me to stop covering their blog, or would like to […]

SOFTWARE UPDATES Plaso has been updated to version 1.5, codenamed Gná. This version has back-end performance updates and new and improved plugins, as well as support for YARA rules. It’s important to note that because of the backend updates, this version isn’t compatible with storage files generated by older versions. (As a side note, a […]

Back in Sydney again! Unfortunately, I ran out of time this week (jet lag doesn’t help productivity) so some of the summaries may be a bit sparse (you may be able to tell which ones I did when I had more time, maybe not). SOFTWARE UPDATES Sumuri released Paladin version 7. The update adds support […]

Last week of vacation, this time, I’m writing overlooking Bangkok! Also, less than 2000 words! closest thing I get to a slow news week 🙂 SOFTWARE UPDATES Willi Ballenthin updated his Windows Event Log parser, python-evtx, to version 0.5.0. The update adds py3 support. Check out @williballenthin’s Tweet Microsystemation updated XRY to version 7.1; adding […]

This week’s post comes courtesy of the free WIFI on the train to Amsterdam. Also, a very extravagantly bearded train ticket inspector saw me watching the Forensic Lunch and stopped to tell me that he thought Matthew has a nice beard. SOFTWARE UPDATES Didier Stevens updated his Python script rtfdump to version 0.0.4 to improve dealing with […]

I’m on holiday in beautiful Tuscany so I’ve had to cut a few things shorter this week and publish a little earlier than usual. I suppose there are worse places to finish a post SOFTWARE UPDATES Blackbag released Macquisition 2016 R1. This update improves RAM acquisition capabilities by adding support for OS X 10.11, as […]

SOFTWARE UPDATES Michael Maurer updated EFetch to Beta 0.5. The update turns EFetch into a file analysis tool for log2timeline. Efetch 0.5 Beta is here! Now all I need is a couple beta testers… Sarah Edwards at Mac4n6 has updated her MacMRU parser to support the ‘Most Recently Used’ artefacts for Microsoft Office for Mac […]

SOFTWARE UPDATES Cellebrite has released version 5.2 of their UFED Physical Analyzer tool (along with UFED Logical Analyzer, UFED/2 and UFED4PC). This update brings with it the ability to obtain some information (pictures and videos from 6 and higher, more information from 5.1.1 and prior) from locked Samsung devices, as well as support for devices […]

SOFTWARE UPDATES Elcomsoft updated their Cloud Explorer product to version 1.10.12742. This version allows examiners to download Gmail data through the Gmail API (which is faster than IMAP) and additional HTML reports. Collecting Evidence From Google Accounts Gets Easier Magnet Forensics recently updated AXIOM to version 1.0.4. This contains the same app support level as […]

SOFTWARE UPDATES Evimetry was updated to version 2.1.2 with some bug fixes and acquisition improvements. Release 2.1.2 Blackbag released Blacklight 2016 R2 with a host of new updates; improved offline maps, additional email parsing and analysis, a new data ingestion user interface and the ability to tear-off the ‘File Content Viewer’ and more. The post […]