Week 25 – 2016

SOFTWARE UPDATES Belkasoft updated their Evidence Center suite to version 7.5. In this update the user interface has been revamped, encrypted iTunes backups are now supported, Outlook 2016 support has been improved, and usability has been updated. A more extensive set of release notes can be found here. New Update: Evidence Center […]

Week 24 – 2016

SOFTWARE UPDATES Didier Stevens updated oledump to version 0.0.24. This update adds the ability to decompress macro streams before calculating the MD5 of the stream. This allows users to take two different samples and determine whether the internal macro code is similar or different. Update: oledump.py Version 0.0.24 MSAB updated XRY to version 7.0.1 and XAMN […]

Week 23 – 2016

SOFTWARE UPDATES DME Forensics’ DVR Examiner has been updated to version 1.22.0. This update adds support for PAVS_264, IFLY_264 and IFS_M file systems, improves support for IXDVRDISK, hikfat, KSF_RSF, and KSF_dc file systems, and includes some bug fixes. DVR Examiner 1.22.0 Paraben’s DS has been updated to version 7.5. The update adds acquisition of […]

Week 22 – 2016

SOFTWARE UPDATES Didier Stevens updated his Python script zipdump to version 0.0.3. This update added a number of different command line arguments such as -dumpall, which dumps all files rather than just the first, as well as password input and support for YARA rules and decoders, among others. (I could only compare to 0.0.1, so […]

Week 21 – 2016

SOFTWARE UPDATES Last week I mentioned that Magnet updated IEF to version 6.7.8. From the release notes this update is mainly bug fixes. CRU has updated their WriteBlocking Validation Utility to version 1.1.0.3. The new version reformats the test reports, updates the help file, allows for pausing tests, adds support for drives larger than 2.2TB […]

Week 20 – 2016

SOFTWARE UPDATES Magnet released IEF version 6.7.8; however, I wasn’t able to get a copy of the release notes to summarise them. Didier Stevens has published a new YARA rule for identifying portable executables created with pyinstaller. This post here explains the impetus for the rule and what it looks for. New YARA Rule: PE_File_pyinstaller […]

Week 19 – 2016

Week 19! Trying a slightly different format this week to divide things up a bit better. SOFTWARE UPDATES Cellebrite have released a maintenance release for UFED Physical and Logical Analyzer, now at version 5.0.2. The main feature of this update is decryption of the new WhatsApp Crypt9 backup databases. (If you don’t have a copy […]

Week 18 – 2016

Week 18! Software updates DVR Examiner was updated to version 1.21.0 adding support to the ICATCH_264 and JDX_264 file systems as well as correcting some bugs and making improvements to existing file system support. DVR Examiner 1.21.0 – Support for ICATCH, ELEC and more! Nuix version 7 has been released to their customers and apparently […]

Week 17 – 2016

Week 17! Software updates Eric Zimmerman has updated bstrings to version 1.1. The new version adds a few new switches to allow output suppression, regex matching for individual matches as opposed to the entire string and inputting search strings from a file. There were also minor performance improvements. bstrings v1.1 released! Eric also updated LECmd […]

Week 16 – 2016

Week 16! Software updates Magnet Forensics updated IEF to version 6.7.7. It’s important to note that this version no longer works on 32-bit Windows. This version contains improvements to SQL database searches, adds support for iOS 8/9 SMS/MMS, Shareaza library files, history and bookmarks in the iOS Dolphin and Puffin Browsers, Android TextNow and Textfree […]