Ahmed BelhadjadjiWindows Forensics: Event Logs Analysis David Spreadborough at AmpedPublic Submissions of CCTV and Video Evidence Elcomsoft Perfect Acquisition Part 4: The Practical Part Automating DFU Mode with Raspberry Pi Pico Automating Scrolling Screenshots with Raspberry Pi Pico Eric CapuanoCapturing & Parsing Forensic Triage Acquisitions for Investigation Timelining ForensafeInvestigating pCloud Invictus Incident ResponseRansomware in the […]

Andrew MalecIdentification, acquisition, and examination of iSCSI LUNs and VMFS datastores Monica Harris at CellebriteKey Takeaways and Highlights from Legalweek 2023 Chris at AskCleesImporting NSRL V3 hashsets into legacy tools Derek EiriGetting SMART(er) with Information Elcomsoft HomePod Forensics III: Analyzing the Keychain and File System Perfect Acquisition Part 3: Perfect HFS Acquisition ForensafeInvestigating Android Wi-Fi […]

Ahmed BelhadjadjiWindows Forensics: Examine Windows Files and Metadata David Spreadborough at Amped CCTV Recovery How to Use the Validation Tool in Amped FIVE Andrew Skatoff at ‘DFIR TNT’GoToForensics AvananThe Replier Attack Al Carchrie at Cado SecurityIPC YOU: How the Cado Platform Reveals Attacker Command Outputs  Dr. Ali Hadi at ‘Binary Zone’ Challenge #7 – SysInternals […]

Ahmed BelhadjadjiWindows Forensics Challenge Walkthrough (LETSDEFEND) Emma Sousa at Forgotten Nook CyberDefenders – Insider CyberDefenders – L’espion Eric Capuano Find Threats in Event Logs with Hayabusa A “Thank You” to Paid Subscribers So you want to be a SOC Analyst? Part 4 Forensafe Investigating Windows BitTorrent Investigating Windows Avira Antivirus Khris Tolbert at MaverisLabsHTB: CA2023 — Forensics […]

BelkasoftLagging for the Win: Querying for Negative Evidence in the sms.db David Spreadborough at AmpedCCTV Acquisition – Search and Trawl eForensics The Lockbit 3 Black Forensics Analysis: Memory Forensics Modern Approach (Part III) How to Better Prepare for a Memory Forensics Investigation Rooting Androids for Forensics iPhone Forensics Analyzing Malware Mobile Apps with VirusTotal Enterprise […]

Ahmed BelhadjadjiExamine the Cache, Cookies, and History Recorded in Web Browsers Belkasoft Walkthrough: Sigma Rules in Belkasoft X Basic but significant legal issues in the Casey Anthony Case Doug Metz at Baker Street ForensicsNSRL Query from the Command Line Eric CapuanoMounting E01 Forensic Images in Linux Foxton ForensicsAnalysing Safari browser history InfoSec Write-upsWindows Forensic 101: How […]

David Spreadborough at AmpedCCTV – The Beginners Guide Matt Danner at Cyber Social Hub3 Ways Programming Skills Can Help You Succeed In DFIR Dr. Tristan Jenkinson at ‘The eDiscovery Channel’The Importance of Data that Doesn’t Exist – Part Three (Missing Metadata – A Case Study) Forensafe Investigating Windows 1Password Investigating Windows Unigram Jerry ChangMason TCTF […]

Rushed last week and didn’t include Lee Whitfield’s post notifying the community that nominations for the 2023 Forensic 4Cast Awards is now open. Emi Polito at AmpedLearn How to Remove Sensitive Audio in Amped Replay: Ready, Steady, Redact! Amr AshrafRansomeWare Investigation Oleg Afonin at Elcomsoft Password Recovery and Data Decryption: Getting Around and About Right […]

David Spreadborough at AmpedIntroduction to CCTV Acquisition Dany at DigitellaExploitation Kit Network Traffic Investigation Forensafe Investigating Windows F-Secure Investigating Windows OpenVPN Magnet ForensicsUnderstanding Messages in Apple’s Cloud & Processing Warrant Returns Paolo Dal Checco at Studio d’Informatica ForenseManuale ENFSI per l’analisi dell’autenticità delle registrazioni digitali John Lukach at 4n6irNew Amazon Linux Triage Detection Adam Todd […]

Aditya PratapAcquisition & Analysis for Apple Devices Amanda Berlin at BlumiraWhat Are Event Logs and Why Do They Matter Cado Security and Invictus Incident ResponseCase Study Continued: Responding to an Attack in AWS Digital Forensics Myanmar eCDFP Module (5) File System Analysis (Part-12)  (NTFS File System Analysis) eCDFP Module (5) File System Analysis (Part-13)  (NTFS […]