SOFTWARE UPDATES Philippe Lagadec has updated oleobj.py and rtfobj.py in his OLE Tools project to version 0.48. OLE Tools Magnet Forensics updated IEF to version 6.8.1, which mainly includes improved app support and updates, and bug fixes. . Oxygen Forensic has updated their Detective product to version 8.5.0. This includes updated whatsApp and Apple Wallet support, […]

SOFTWARE UPDATES A couple weeks ago Guidance released EnCase 7.13. This is the last update for encase 7. It mainly contained bug fixes. . Exiftool was updated to version 10.23 (development release). This update added some new tags and file support, as well as a new commandline option, and the “ability to geotag only GPS […]

SOFTWARE UPDATES ExfiTool was updated to version 10.22. This update adds read support for BPG images, minor changes to a few of the new Nikon tags and updated the Windows version to include all 10.21 updates. ExifTool 10.22 Andrilla updated to version 2.6.0.1, adding support for several WhatsApp backup databases, GUI improvements, and various bug […]

SOFTWARE UPDATES Cellebrite updated UFED Physical Analyzer to version 5.1.2. This update adds support for the crypt12 WhatsApp backup database and addresses various bug fixes. UFED Physical Analyzer Version 5.1.2 Maintenance Release Oxygen Forensics released an update to their Detective product, now at version 8.4.2, improving support for newer versions of various apps and numerous […]

SOFTWARE UPDATES Belkasoft updated their Evidence Center suite to version 7.5. In this update the user interface has been revamped, encrypted iTunes backups are now supported, Outlook 2016 Outlook 2016 support has been improved, as well as updates to usability. A more extensive set of release notes can be found here. New Update: Evidence Center […]

SOFTWARE UPDATES Didier stevens updated oledump to version 0.0.24. This update adds the ability to decompress macro streams before calculating the md5 of the stream. This allows users to take two different samples and determine that the internal macro code is similar or different. Update:oledump.py Version 0.0.24 MSAB updated XRY to version 7.0.1 and XAMN […]

SOFTWARE UPDATES DME Forensics’ DVR Examiner has been updated to version 1.22.0. This update adds support for PAVS_264, IFLY_264 and IFS_M file systems, improving support for IXDVRDISK, hikfat,  KSF_RSF, and KSF_dc file systems as well as some bug fixes. DVR Examiner 1.22.0 Paraben’s DS has been updated to version 7.5. The update adds acquisition of […]

SOFTWARE UPDATES Didier Stevens updated his python script zipdump to version 0.0.3. This update added in a number of different command line arguments such as -dumpall which dumps all files rather than just the first, allows for inputting a password, support for YARA rules and decoders, among others. (I could only compare to 0.0.1, so […]

SOFTWARE UPDATES Last week I mentioned that Magnet updated IEF to version 6.7.8. From the release notes this update is mainly bug fixes. . CRU has updated their WriteBlocking Validation Utility to version 1.1.0.3. The new version reformats the test reports, updates the help file, allows for pausing tests, adds support for drives larger than 2.2TB […]

SOFTWARE UPDATES Magnet released IEF version 6.7.8 however I wasn’t able to get a copy of the release notes to summarise them. . Didier Stevens has published a new YARA rule for identifying portable executables created with pyinstaller. This post here explains the impetus for the rule and what it looks for. New YARA Rule: PE_File_pyinstaller […]