Adam at HexacornAnalysing NSRL data set for fun and because… curious, Part 3 Alexander TasseBlue Team Labs — “Employee of the Year” Emi Polito at AmpedCorrect the Perspective of a License Plate BelkasoftiOS System Artifacts: Revealing Hidden Clues Oleg Afonin at ElcomsoftiOS Forensic Toolkit: Troubleshooting Low-Level Extraction Agent ForensafeInvestigating Android Accounts Haircutfish Wireshark: Packet Operations — Task 3 Statistics […]

Emi Polito at AmpedIntegrate Multiple Frames to Improve Visibility Andrew Skatoff at ‘DFIR TNT’RMM – Level.io: Forensic Artifacts and Evidence BelkasoftiOS WhatsApp Forensics with Belkasoft X Patterson Cake at Black Hills Information SecurityWrangling the M365 UAL with SOF-ELK and CSV Data (Part 3 of 3) Brian MaloneyWhat’s New in OneDriveExplorer DCSO CyTecMicrosoft Edge Forensics: Screenshot […]

Emi Polito at AmpedDeblur a Moving Car Joseph Moronwi at Digital InvestigatorLinux Web Server Forensics: Dr. Ali Hadi’s Web Server Case ForensafeInvestigating iOS Telegram Nik Alleyne at ‘Security Nik’ Packet Crafting – Tearing down a connection with TCP Reset Solving the CTF challenge – Network Forensics (packet and log analysis), USB Disk Forensics, Database Forensics, […]

Abhiram KumarDeep Dive Into Windows Diagnostic Data & Telemetry (EventTranscript.db) – PART 2 Ahmed Kamal ElmagrabyWindows Registry Analysis Cheat Sheet David Spreadborough at AmpedCCTV Acquisition Series Summary Andrew Skatoff at Andrew Skatoff at ‘DFIR TNT’RMM – Action1: Client Side Evidence Cado Security Why is CIRA all the Hype for Cloud Incident Response? Analyzing AWS Nitro […]

Abhiram KumarDeep Dive Into Windows Diagnostic Data & Telemetry (EventTranscript.db) – PART 1 David Spreadborough at AmpedViewing CCTV after Acquisition Bhargav Rathod at DFRWSDFRWS 2023 Challenge ForensafeInvestigating Android Skype Harlan Carvey at HuntressGone Phishing: An Analysis of a Targeted User Attack Joshua Hickman at ‘The Binary Hick’Android & AirTags (Part II) Justin De Luna at […]

ADF SolutionsHow to Scan a Mobile Device with Mobile Device Investigator BelkasoftHow to Analyze KnowledgeC.db with Belkasoft X CloudbrothersOther Entra ID / Azure AD SignIn errors ForensafeInvestigating Android Aqua Mail Justin De Luna at ‘The DFIR Spot’A LNK To The Past: Utilizing LNK Files For Your Investigations Lorena Carthy-WilmotVipps App — Forensics Lucid Truth TechnologiesForensic analysts can […]

David Spreadborough at AmpedThe Creation of Master and Working Copies after CCTV Acquisition Andrew Skatoff at ‘DFIR TNT’RMM – Xeox: Client Side Evidence AT&T CybersecurityRAM dump: Understanding its ­­­importance and the process CellebriteUnveiling the Modern Approach to Digital Investigations through Remote Collection of Androids and Workplace Apps Derek EiriDisk Toggling, Validating WinFE Geraldine Blay and […]

Amr Ashraf EventLog Analysis EDR Log Investigation Troy Wojewoda at Black Hills Information SecurityWelcome to Shark Week: A Guide for Getting Started with Wireshark and TShark Cado SecurityDecoding the NIST Cloud Computing Forensics Reference Architecture Oleg Afonin at ElcomsoftApple iCloud Acquisition: A Lifeline for Forensic Experts ForensafeInvestigating Android Twitter Salvation DATAWhat is DVR and How […]

Amped Acquisition from a Cloud-based Service Provider How to Use the Macroblocks Filter in Amped FIVE BelkasoftIns and Outs of Hashing and Hashset Analysis in Belkasoft X Manuel Winkel at DeydaChecklist for NetScaler (Citrix ADC) CVE-2023-3519 Elcomsoft iOS Forensic Toolkit Tips & Tricks iOS Device Acquisition: Installing the Extraction Agent Howard Oakley at ‘The Eclectic […]

Andrew Skatoff at ‘DFIR TNT’RMM – ScreenConnect: Client-Side Evidence Cado Security Macbooks and the Cloud Chain of Custody in the Cloud Cyber TriageLogon Session vs Local Session vs Cyber Triage Sessions. Oh My! Decrypting a DefenseMobile Surveillance, Body-worn Camera Audit Logs, Facial Rec. Source Code, & Threads Data Oleg Afonin at Elcomsoft Pushing the Boundaries: […]