archives

Nasa Quba & Kausar Khizra

Nasa Quba & Kausar Khizra has written 6 posts for Forensic Focus – Articles

Windows 8 Touch Keyboard Forensics

Microsoft released Windows 8 in 2012. With this new version, Microsoft made a fundamental shift in Windows 8 as compare to older versions of Windows. It does not only target netbooks, laptops and traditional computers, instead they decided to use the same technology in Windows 8 tablets. This is why Windows 8 operating system is … Continue reading

Linux Timestamps, Oh boy!

Timestamps are critical for analysts; they usually deal with different filesystems and understanding how the file timestamps work on each is crucial to what they do. If you do an online search for linux timestamps, you’ll get ton of information but the idea here is to put together different common file operations such as move, … Continue reading

Browser Anti Forensics

This write-up is just to demonstrate that how one’s browser history can go off track misleading the examiner. An investigator can identify it by noticing the odd in history, sample given in Figure 2. Let’s first take a closer look at this page below (Figure 1)– the URL (says cnn.com) and the title of tab … Continue reading

Man In The Middle Attack: Forensics

Yes, that’s right! Mr. Upset did not post ‘I am hating my new job’ as it appears in Figure 2, instead he wrote ‘I am loving my new job’. Then how did it happen and who did it? This article aims at addressing these questions. We fabricate a case where a person is an object … Continue reading

From iPhone to Access Point

Introduction A wireless Access Point (AP) is a device that allows wireless devices to connect to internet using Wi-Fi. With the remarkable increase in number of wireless devices the number of APs has also increased drastically to serve the Wi-Fi needs of these devices. We have APs at home, offices, airports, public hotspots. Any clue … Continue reading

Geo-tag Forensics

Introduction A geo-tagged image is an image which holds geographical identification metadata. This data consists of latitude and longitude co-ordinates (sometimes altitude also). Though there are some extremely powerful tools available for extracting geo-tag information from geo-tagged images but the insight knowledge of how a tool actually works and gets the data for us is … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,181 other followers