Welcome to 2023! I wrote a 2022 Wrap Up! Oleg Afonin at Elcomsoftcheckm8 for iOS 16.2 and Windows-based iOS Low-Level Extraction Joe T. Sylve, Ph.D. 2022 APFS Advent Challenge Day 18 – Decryption 2022 APFS Advent Challenge Day 20 – Snapshot Metadata 2022 APFS Advent Challenge Day 21 – Fusion Containers 2022 APFS Advent Challenge […]

And that’s a wrap for 2022! Things returned a lot more to normal down in Sydney, with pretty much all restrictions being lifted. We have seen a bit of an increase in COVID cases recently, and it seems almost everyone is getting it now (or again) – thankfully almost all the cases seem to be […]

CTF导航Cyberdefenders蓝队-恶意软件流量分析3 Dr. Neal Krawetz at ‘The Hacker Factor Blog’Weird Science ForensafeInvestigating Window Kaspersky Antivirus Howard Oakley at ‘The Eclectic Light Company’Rolling logs and anti-malware scans Jason Wilkins at ‘Noob to Pro Forensics’Drive Geometry, File Systems, and How Criminals Hide Data Joe T. Sylve, Ph.D. 2022 APFS Advent Challenge Day 13 – Data Streams 2022 APFS […]

Active CountermeasuresHunting Windows Event Logs Oleg Afonin at ElcomsoftWindows Account Passwords: Why and How to Break NTLM Credentials ForensafeInvestigating Window Google Drive Karthikeyan Nagaraj at InfoSec Write-ups Advent of Cyber 2022 [Day 11]-Memory Forensics-Not all gifts are nice Write up Advent of Cyber 2022 [Day 14]-Packet Analysis | Simply having a wonderful pcap time — Simple Write… […]

CyberJunnkiePhishing Email Challenge by LetsDefend Joseph Moronwi at Digital InvestigatorMalware Threat Hunting With Volatility ForensafeInvestigating Android Sygic Fallen sky at InfoSec Write-upsEmail analysis : avoid phishing attacks Joe T. Sylve, Ph.D. 2022 APFS Advent Challenge Day 3 – Containers 2022 APFS Advent Challenge Day 4 – NX Superblock Objects 2022 APFS Advent Challenge Day 5 – […]

Andrew Rathbun and Eric ZimmermanEZ Tools Manuals Digital Forensics Discord ServerThe Hitchhiker’s Guide to DFIR: Experiences From Beginners and Experts – v1.2 Bill Thompson at OpenTextGetting to know your tools Liu Zhixiangcheckm8提取速查表：iPhone、iPad Derek EiriPractical Linux Forensics & a Mini Linux Forensics CTF David Stenhouse at DS ForensicsMy Time With The Judge ForensafeInvestigating Windows Defender James […]

Ali Alwashali at ‘HackDefend Labs’Sysinternals case writeup Paul Lorentz at CellebriteSmart Flow – A super-charged single step for extractions in UFED 7.60 Domiziana FotiLetsDefend- SOC112 — Traffic to Blacklisted IP Doug Metz at Baker Street ForensicsGroup collections from O365 with PowerShell ForensafeInvestigating iOS FACEBOOK Messenger Haircutfish TryHackMe MITRE Room-Task 3 ATT&CK® Framework TryHackMe MITRE Room- Task 1 […]

Cado Security Enhancing Cado Community Edition with Velociraptor WatchDog Continues to Target East Asian CSPs The Ultimate Guide to Ransomware Incident Response & Forensics Dr. Ali HadiChallenge #7 – SysInternals Case Oleg Afonin at Elcomsoft Advanced Logical Extraction with iOS Forensic Toolkit 8: Cheat Sheet Cloud Forensics: Obtaining iCloud Backups, Media Files and Synchronized Data […]

Blake ReganHow to create a forensic image of a physical hard drive using FTK Imager Alan Flora at CellebriteUsing Pathfinder to Avoid Ethical Dilemmas in Digital Forensics CTF导航 inctf Forensic复现 | Memlabs（下） inctf Forensic复现 | Memlabs（上） 电子取证之NTFS基础 Digital Forensics Myanmar Browser Forensics (Firefox, Chrome, Edge, Opera, Brave) Clear Browsing Data  Forensics (Firefox, Chrome, Edge, Opera, […]

Cado SecurityAnalysing Docker Images in the Cado Platform CTF导航如何基于volatility2构建“新”版本内核的profile DFIR Review Wipeout! Detecting Android Factory Resets An Alternate Location for Deleted SMS/iMessage Data in Apple Devices iOS KnowledgeC.db Notifications Digital Forensics Myanmar Disk Scan (OR) Low Level Enumeration  (NTFS  File System) Zone.idnetifier  In Master File Table (MFT) Joseph Moronwi at Digital Investigator IP Geolocation: A […]