Oleg Afonin at ElcomsoftWhen Speed Matters: Imaging Fast NVMe Drives ForensafeInvestigating Android Gboard Magnet Forensics The importance of PowerShell logs in digital forensics  ShimCache vs AmCache: Key Windows Forensic Artifacts Faan Rossouw at Active CountermeasuresMalware of the Day – Specula Adam GossCollection Management Framework Template (+FREE Download) Assaf Morag at AquaThreat Alert: TeamTNT’s Docker Gatling […]

CyberJunnkieHackathon 24 Prequalifiers: Forensics Challenge “hacked” First blood Team deathstrik3 Dr. Neal Krawetz at ‘The Hacker Factor Blog’C2PA and Authenticated Disinformation Vladimir Katalov at ElcomsoftOutlook Forensic Toolbox Helps Access Deleted Messages ForensafeInvestigating Android Life360 Magnet Forensics Unraveling the clues: RDP artifacts in incident response  5 iOS forensics evidence sources to capture before they expire Matt […]

BelkasoftCase Study: From Hidden Databases to Key Evidence with Belkasoft X’s SQLite Viewer Cyber Sundae DFIRCapability Access Manager Forensics in Windows 11 Krzysztof Gajewski at CyberDefNerdLinux Artifacts: Timestamps of Last SUDO Command Execution Decrypting a DefenseSecure Messaging, Accessing Locked Phones, Retention of Seized Devices, Software Source Code, & More Dr. Neal Krawetz at ‘The Hacker […]

Cyber 5WWindows Shell Items Analysis Derek EiriExploring UFADE to Extract Data From iOS Devices ForensafeInvestigating Android Samsung Browser J SmithSolving the 13Cubed Linux Memory Forensics Challenge Justin De Luna at ‘The DFIR Spot’Lateral Movement – Remote Desktop Protocol (RDP) Event Logs Husam Shbib at Memory ForensicInside Cridex – Memory Analysis Case Study Raj UpadhyayFeatureUsage — Evidence of […]

Chris Ray at Cyber TriageDFIR Breakdown: Impacket Remote Execution Activity – Smbexec ForensafeInvestigating Android Nike Run Club Johan BerggrenOpenRelik Lina Lau at XintraUnderstanding Tokens in Entra ID: A Comprehensive Guide Magnet Forensics A look into iOS 18’s changes 7 essential artifacts for macOS forensics Marco Fontani at Amped10 Ways to Detect Deepfakes Created by Text-to-image […]

Atola TechnologySynology RAID Reassembly and Image Acquisition David Spreadborough at AmpedGetting Started with Video Formats and Conversion Cyber 5WNetwork Forensics With Wireshark Mike Wilkinson at Cyber TriageDFIR Next Steps: What To Do After You Find A Suspicious Use Of Remote Monitoring & Management Tools Danny ZendejasLets Defend Write-up David Cowen at the ‘Hacking Exposed Computer […]

0xdf hacks stuffHTB Sherlock: Noxious Andrea Fortuna Forensic acquisition of ChromeOS devices The hidden risks of Cherry-Picking in Incident Response and Digital Forensics Belkasoft How to Investigate Telegram Crime without Arresting the Company’s CEO iOS Telegram Forensics. Part I: Acquisition and Database Analysis Brian MaloneyCracking OneDrive’s Personal Vault Justin Seitz at Bullsh*t HuntingThe Evidence Carnival: […]

CCL GroupLocal Storage and Session Storage in Mozilla Firefox (Part 1) DFIR ReviewLocation, Location, Location Dr. Tristan Jenkinson at ‘The eDiscovery Channel’eDiscovery Risks – Sending Documents for Disclosure via Email ForensafeInvestigating Android Tinder Emilia Chau, Marin Gheorge, and Muhammad Jawad at Jumpsec LabsBuilding Forensic Expertise: A Two-Part Guide to Investigating a Malicious USB Device (Part […]

0xdf hacks stuffHTB Sherlock: Reaper CellebritePerforming Collection from Mobile Devices in an MDM Environment Cyber TriageDFIR Next Steps: What To Do After You Find a Suspicious Use Of curl.exe Digital Forensics Myanmar eCDFP (Module-6) (Window Forensics) (Part – 7) eCDFP (Module-6) (Window Forensics) (Part – 8) eCDFP (Module-6) (Window Forensics) (Part – 9) ForensafeInvestigating Android […]