David Spreadborough at AmpedBehind the Screen: Codecs and Formats Unveiled David Haddad at Breakpoint ForensicsSamsung Secure Health Data Parser — A Forensic Tool for Parsing & Analyzing Samsung Secure Health Databases Cyber Sundae DFIRCapabilityAccessManager.db Deep Dive, Part 1 Denis Szadkowski, Paul van Ramesdonk, Maike Orlikowski and Johann Aydinbas at DCSO CyTecUnransomware: From Zero to Full […]
Krzysztof Gajewski at CyberDefNerdWindows Artifacts: Analyzing the USN Journal on a Live System Clint Marsden at DFIR InsightsQuick Fixes for plaso / Log2timeline Error: Key Troubleshooting on Ubuntu Dr. Neal Krawetz at ‘The Hacker Factor Blog’ Account Payable Phishing Attacks C2PA and the All Adobe Show ForensafeSolvig Cellebrite CTF 2024 (Felixs’ iOS) Magnet ForensicsThat one […]
Oleg Afonin at ElcomsoftWhen Speed Matters: Imaging Fast NVMe Drives ForensafeInvestigating Android Gboard Magnet Forensics The importance of PowerShell logs in digital forensics ShimCache vs AmCache: Key Windows Forensic Artifacts Faan Rossouw at Active CountermeasuresMalware of the Day – Specula Adam GossCollection Management Framework Template (+FREE Download) Assaf Morag at AquaThreat Alert: TeamTNT’s Docker Gatling […]
CyberJunnkieHackathon 24 Prequalifiers: Forensics Challenge “hacked” First blood Team deathstrik3 Dr. Neal Krawetz at ‘The Hacker Factor Blog’C2PA and Authenticated Disinformation Vladimir Katalov at ElcomsoftOutlook Forensic Toolbox Helps Access Deleted Messages ForensafeInvestigating Android Life360 Magnet Forensics Unraveling the clues: RDP artifacts in incident response 5 iOS forensics evidence sources to capture before they expire Matt […]
BelkasoftCase Study: From Hidden Databases to Key Evidence with Belkasoft X’s SQLite Viewer Cyber Sundae DFIRCapability Access Manager Forensics in Windows 11 Krzysztof Gajewski at CyberDefNerdLinux Artifacts: Timestamps of Last SUDO Command Execution Decrypting a DefenseSecure Messaging, Accessing Locked Phones, Retention of Seized Devices, Software Source Code, & More Dr. Neal Krawetz at ‘The Hacker […]
Cyber 5WWindows Shell Items Analysis Derek EiriExploring UFADE to Extract Data From iOS Devices ForensafeInvestigating Android Samsung Browser J SmithSolving the 13Cubed Linux Memory Forensics Challenge Justin De Luna at ‘The DFIR Spot’Lateral Movement – Remote Desktop Protocol (RDP) Event Logs Husam Shbib at Memory ForensicInside Cridex – Memory Analysis Case Study Raj UpadhyayFeatureUsage — Evidence of […]
Adan AlvarezGaining AWS Persistence by Updating a SAML Identity Provider Alexandre DulaunoyImprove Your Forensic Analyses with hashlookup Alex Caithness at CCL SolutionsWhen is an app not an app? Investigating WebAPKs on Android Andreas Arnold at Compass SecurityEmail, Email on the Wall, Who Sent You, After All? Django Faiola at ‘Appunti di Informatica Forense’iOS Burner – […]
Chris Ray at Cyber TriageDFIR Breakdown: Impacket Remote Execution Activity – Smbexec ForensafeInvestigating Android Nike Run Club Johan BerggrenOpenRelik Lina Lau at XintraUnderstanding Tokens in Entra ID: A Comprehensive Guide Magnet Forensics A look into iOS 18’s changes 7 essential artifacts for macOS forensics Marco Fontani at Amped10 Ways to Detect Deepfakes Created by Text-to-image […]
Atola TechnologySynology RAID Reassembly and Image Acquisition David Spreadborough at AmpedGetting Started with Video Formats and Conversion Cyber 5WNetwork Forensics With Wireshark Mike Wilkinson at Cyber TriageDFIR Next Steps: What To Do After You Find A Suspicious Use Of Remote Monitoring & Management Tools Danny ZendejasLets Defend Write-up David Cowen at the ‘Hacking Exposed Computer […]
0xdf hacks stuffHTB Sherlock: Noxious Andrea Fortuna Forensic acquisition of ChromeOS devices The hidden risks of Cherry-Picking in Incident Response and Digital Forensics Belkasoft How to Investigate Telegram Crime without Arresting the Company’s CEO iOS Telegram Forensics. Part I: Acquisition and Database Analysis Brian MaloneyCracking OneDrive’s Personal Vault Justin Seitz at Bullsh*t HuntingThe Evidence Carnival: […]
