AtolaRAID With Parity: Reassembly and Image Acquisition Alexis Brignoni at ‘Initialization Vectors’ New VLEAPP parser New parser for Uber app geo-locatios in iOS using iLEAPP BelkasoftBelkasoft CTF 6: Write-up Compass SecurityBehind The Scenes Of Ransomware Attacks Craig Ball at ‘Ball in your Court’Cloud Attachments: Versions and Purview ForensafeInvestigating Android Digital Wellbeing Joshua Hickman at ‘The […]

John Lukach at 4n6irDo NOT forget the AWS Amplify Logs Derek EiriLionel Notari’s iOS Unified Log Acquisition Tool Steve Bunting at DFIR ReviewHow Did That Photo Get On That iPhone ForensafeInvestigating iOS Calendar Hal Pomeranz at ‘Righteous IT’Orphan Processes in Linux Izzy Spering at HuntressAnalyzing a Malicious Advanced IP Scanner Google Ad Redirection | Huntress […]

Cyber 5WWindows Memory Forensics ForensafeInvestigating Apple Data Usage R Tec CybersecurityAbschlussbericht Security Incident Salvation DATAA Step-to-Step Guide for Data Extraction from Wechat Scott Koenig at ‘The Forensic Scooter’PhotoData – Photos.sqlite and Syndication Photo Library – Photos.sqlite Query Updates Nathanael Ndong at Last Blog ArticleVMware ESXi Forensic with Velociraptor Aaron Goldstein at Todyl Understanding Living-off-the-Land binaries and scripts (LOLBAS) […]

DFIR101 Magnet Forensics Virtual CTF 2024 – Cipher Challenges Magnet Forensics Virtual CTF 2024 – Android Challenges Forensafe Magnet Virtual Summit 2024 CTF (Cipher) Solving Magnet Virtual Summit 2024 CTF (iOS) Solving Magnet Virtual Summit 2024 CTF (Android) John Reeman at Cyooda SecurityHow To: Email Phishing, malicious payload analysis walkthrough Kairos (Hestia) Tay THM: Memory […]

BelkasoftAndroid WhatsApp Forensics. Part II: Analysis Cyber 5WNTFS Artifacts Analysis Dr. Brian Carrier at Cyber TriageDFIR Next Steps: What to do after you find a suspicious Windows Network Logon Session Doug Metz at Baker Street ForensicsMAGNET Virtual Summit 2024 Capture the Flag David Stenhouse at DS ForensicsMicrosoft Office Alerts (“OAlerts”) Elcomsoftcheckm8: Advancements in iOS 16 […]

Cado SecuritySpinning YARN – A New Linux Malware Campaign Targets Docker, Apache Hadoop, Redis and Confluence Django Faiola at ‘Appunti di Informatica Forense’ iOS Burner – Cache.db iOS Burner Forensic Science International: Digital InvestigationVolume 48 Invictus Incident ResponseThe mystery of the EnrichedOffice365AuditLogs solved Nik Alleyne at ‘Security Nik’**TOTAL RECALL 2024** – Memory Forensics Self-Paced Learning/Challenge/CTF […]

Jessica Hyde at HexordiaMobile Forensic Images and Acquisition Priorities BelkasoftAndroid WhatsApp Forensics. Part I: Acquisition Cyber 5WChromium based browsers Investigation Cyber TriageWindows Scheduled Tasks for DFIR Investigations Hendrik Eckardt at cyber.wtfRecovering data from broken appliance VMDKs Dark Data DiscoveryData Carving vs File Carving vs Disk Carving Doug Metz at Magnet ForensicsComae Memory and Network Analysis: […]

ForensafeInvestigating Android WhatsApp Lionel NotariiOS Unified Logs – WiFi and AirPlane Mode Stephan BergerAWS Ransomware Teri RadichelInvestigating, Containing, and Removing Malware on a Mac The Sleuth SheetHow to Transition From OSINT Practitioner to Intelligence Analyst Tyler Hudak at TrustedSecMailItemsAccessed Woes: M365 Investigation Challenges Allan Liska at ‘Ransomware Sommelier’LockBit Down! Jinghua Bai at APNICDeep dive into […]

Cado Security How to be IR Prepared in AWS How to be IR prepared in Azure DCSO CyTecOverview: Evidence Collection of Ivanti Connected Secure Appliances ForensafeInvestigating iOS TikTok PasswareFrom FileVault to T2: How to Deal with Native Apple Encryption Phill Moore, Zach Stanford and Ross Brittain at CyberCXNetScalers are under attack. Or… they were… Bill […]

Alexis Brignoni at ‘Initialization Vectors’What is cacheV0.db and why are there only images in it? Bullsh*t HuntingBullshit Hunting: Digital Forensics Edition Django Faiola at ‘Appunti di Informatica Forense’iOS WAZE Dr. Tristan Jenkinson at ‘The eDiscovery Channel’COPA v Wright – The Identity Question Takes Centre Stage Oleg Afonin at ElcomsoftBootloader-Level Extraction for Apple Hardware ForensafeInvestigating Android […]