archives

computer forensics

This tag is associated with 63 posts

Windows Registry Analysis 101

by Chirath De Alwis Computer forensics is the process of methodically examining computer media (hard disks, diskettes, tapes, etc.) for evidence [1].  When considering computer forensics, registry forensics plays a huge role because of the amount of the data that is stored on the registry and the importance of the stored data. The extraction of … Continue reading

Career Paths In Digital Forensics

by Christa Miller, Forensic Focus In the 30 or so years since the advent of personal computers made digital forensics a viable career path, the profession has matured to the extent of making multiple career paths possible. Now, professionals who are interested in digital forensics have options that range from law enforcement and government investigations, … Continue reading

Using The Content-Length Header Field In Email Forensics

by Arman Gungor As forensic examiners, we often have to analyze emails in isolation without the benefit of server metadata, neighbor messages, or data from other sources such as workstations. When authenticating an email in isolation, every detail counts—we review a long list of data points such as formatting discrepancies within the message body, dates hidden in … Continue reading

How To Install And Use The Optional Thunderbolt I/O Card On Logicube’s Falcon-NEO

Welcome to Logicube’s tutorial on the optional Thunderbolt I/O card on the Forensic Falcon-NEO. In this session, we’ll show you how to install and use this card. The optional Thunderbolt I/O card connects directly to Falcon-NEO’s source or destination I/O card ports. This card allows you to image directly to or from Thunderbolt USB C, … Continue reading

Email Forensics: Investigation Techniques

by Chirath De Alwis Due to the rapid spread of internet use all over the world, email has become a primary communication medium for many official activities. Not only companies, but also members of the public tend to use emails in their critical business activities such as banking, sharing official messages, and sharing confidential files. However, … Continue reading

Forensic Examination Of Manipulated Email In Gmail

by Arman Gungor Last week, I came across an interesting post on Forensic Focus. The poster, jahearne, was asking about how one can detect manipulation of an existing email in Gmail. In his hypothetical scenario, the bad actor was using Outlook to edit the message and change its contents after it was received. I wanted to … Continue reading

Walkthrough: Forensic Falcon NEO From Logicube

Welcome to Logicube’s tutorial on the Forensic Falcon NEO. In this session, we’ll conduct a product tour, including all of the various ports available, and show you how hard drives are connected to the Falcon NEO. At the front of the Falcon NEO you will find two USB 3.0 ports that can be used as … Continue reading

How To: Multitask With Logicube’s Forensic Falcon NEO

Welcome to Logicube’s tutorial on the Forensic Falcon NEO. In this session we’ll show you how to multitask. For this tutorial I have connected the Falcon NEO to a network, and from a PC on the same network I’ve logged into the unit using a web browser so that I can operate remotely. I’ve already … Continue reading

How To: Integrate LACE Carver With Griffeye Analyze DI Pro

Let’s talk about the exciting new LACE Carver Integration with Analyze DI Pro. Once you have the proper license, you can head over to your Downloads page on MyGriffeye.com and go to the LACE Carver download. Once the app package has been downloaded, we can go back to Griffeye and install it under Settings, Plugins, … Continue reading

How To: Create A Logical Image On Falcon NEO

Welcome to Logicube’s tutorial on the Forensic Falcon NEO. In this episode, we’ll show you how to perform a logical image. The logical imaging feature of Falcon NEO shortens the evidence collection process by allowing investigators to select and acquire only the specific files they need, rather than the entire physical drive. Users can create … Continue reading

Forensic Analysis Of The μTorrent Peer-to-Peer Client In Windows

by Michael R. Godfrey The μTorrent software client is the most popular BitTorrent peer-to-peer software application worldwide [1]. Contraband files such as copyrighted movies and music, child pornography and pirated content, are frequently acquired through the peer-to-peer (P2P) file sharing protocol BitTorrent. This research will include the digital forensic analysis of the μTorrent client, specifically, the … Continue reading

Requirements In Digital Forensics Method Definition: Observations From A UK Study

by Angus M. Marshall & Richard Paige Abstract During a project to examine the potential usefulness of evidence of tool verification as part of method validation for ISO 17025 accreditation, the authors have examined requirements statements in several digital forensic method descriptions and tools. They have identified that there is an absence of clear requirements statements … Continue reading

Techno Security TX 2018 – Recap

This article is a recap of some of the main highlights from Techno Security TX 2018, which took place in San Antonio, Texas from the 17th-19th September. The conference had four tracks: forensics; information security; audit / risk management; and investigations, along with sponsor demos. Forensic Focus attended the forensics and investigations tracks during the event. … Continue reading

Findings From The Forensic Focus 2018 Survey

Earlier this year, Forensic Focus conducted a survey of its members to find out a bit more about them, their roles in the industry, and common challenges facing digital forensic practitioners today. Below is a brief run-down of the results. First of all, some demographic details. The majority of our members are situated in either … Continue reading

ICDF2C 2018 – Recap

This article is a recap of some of the main highlights from the ICDF2C conference 2018, which took place in New Orleans, LA, USA from the 10th-12th September. The program began on Monday 10th September with the usual welcome registration. The conference was held at Chateau LeMoyne in New Orleans’ French Quarter: a beautiful hotel complete … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,199 other followers