Cado SecurityUsing the Unix-like Artifacts Collector and Cado Community Edition to Investigate a Compromised Linux System Brian P. MohrDemystifying Log Collection in Azure: Navigating Windows and Linux Server Logging for Microsoft Sentinel Emi Polito at AmpedMeasure Speed from Surveillance Video Felix Guyard at ForensicXlab📦 Volatility3 : Import Address Table ForensafeInvestigating Android Snapchat App Max Groot […]

Abrar HussainSmall Things Matter in DFIR#1: Persistence without Privileges! BelkasoftHow to Efficiently Triage Digital Evidence with Belkasoft T CCL SolutionsWhat makes epoch timestamps tick? CellebriteThe Pitfalls of Relying on iTunes Backups for Investigations Fabio Poloni at Compass SecurityExposing the Scammers: Unmasking the Elaborate Job Offering Scam Digital DanielaInvestigating Traffic With Splunk! Emi Polito at AmpedSeparate […]

Emi Polito at AmpedIncrease Exposure of Dark Footage Cyber TriageEDRs don’t collect all DFIR artifacts, but they can help you do it Derek EiriIn Search of Extraction Techniques for Pair-Locked iOS Devices Oleg Afonin at Elcomsoft iOS Forensic Toolkit: Exploring the Linux Edition Forensic Insights into Apple Watch Data Extraction ForensafeInvestigating Android Viber Ian Whiffin […]

Me with contributions from Andrew Skatoff and Zach Stanford and hopefully others.The RULER Project Adam at HexacornThe world of partially downloaded files… BelkasoftForensic Duel: Exploring Deleted WhatsApp Messages—iOS vs Android Cado SecurityAbstracting Cloud Complexity With Cado’s New Import UI Emi Polito at AmpedEnhance and Optimize Facial Detail Felix Guyard at ForensicXlab📦 Volatility3 : Alternate Data […]

Emi Polito at AmpedCorrect Optical Distortion Amr AshrafBreach Investigation AtolaHow to Choose a Perfect Target Drive Cado SecurityOracleIV – A Dockerised DDoS Botnet DebugPrivilegeDebug Case Study: Analysis of ProxyShell via IIS Worker Memory Dumps ForensafeInvestigating Android IMO Mattia Epifani at Zena ForensicsiOS 15 Image Forensics Analysis and Tools Comparison – Communication and Social Networking Apps […]

Cado Security Investigating AWS EC2 Compromise CTF by Cado Security Scaling Log Forensics in the Cloud with cloudgrep CyberJunnkiePre5 Forensics (CyberHackathon 23 Online Qualifiers) Digital DanielaUsing Zeek Signatures! Shanna Daly at Fancy Forensics Leveraging SRUM for Incident Response Hunting webshells ForensafeSolving Cellebrite’s September 2023 CTF (Abe’s iPhone device) Using ArtiFast Gaurav GogiaWSL2 Forensics: Detection, Analysis […]

Emi Polito at AmpedMeasure Heights from Surveillance Video John Hyla at Blue Crew ForensicsConnecting Discord Attachments to Threads & SDWebImage Library Cado SecurityA New Perspective on Resource-Level Cloud Forensics CellebriteData extraction cheatsheet Cyber Social HubMediaTek: A Short Story Digital DanielaMemory Forensics Thesis! Doug Metz at Baker Street Forensics Huntress Capture the Flag – A CTF […]

Emi Polito at AmpedUnroll a 360 Camera Forensafe Solving Cellebrite’s September 2023 CTF (Felix’s iPhone device) Using ArtiFast Investigating Android Installed Applications Salvation DATAHow to Recover Deleted Partition on Hard Disk? Taz Wake Linux Incident Response – using lsof to check network connections Linux Live Incident Response – the ps command Linux incident response – understanding […]

Emi Polito at AmpedDeblur a License Plate in an Image BelkasoftTelegram Forensics: Getting Started Digital DanielaInvestigating Suspicous Emails! Jerry Chang Sony IR Internship Capstone – Cyber Attack Simulation & Forensics (Forensics) Sony IR Internship Capstone – Cyber Attack Simulation & Forensics (Attack Simulation) Joshua Hickman at ‘The Binary Hick’Finding Phones With Google Maps Part 1 […]

Amped Enhance a Backlit Scene How To Reveal AI-generated Images by Checking Shadows and Reflections in Amped Authenticate Digital DanielaExamining Traffic with NetworkMiner! Justin De Luna at ‘The DFIR Spot’Artifacts of Execution: Prefetch – Part One Kevin Pagano at Stark 4N6 Cellebrite CTF 2023 – Abe Cellebrite CTF 2023 – Felix Magnet Forensics How to […]