archives

forensic software

This tag is associated with 22 posts

Walkthrough: Oxygen Forensic Detective Latest Features

Within Oxygen, you’re able to not only connect one device, but several devices, and image them simultaneously. Oxygen’s extractor runs independently of Oxygen Detective, and that’s what allows you to run several different extractions at the same time, and there is no limit other than what the machine you were using will allow. So again, … Continue reading

Opinion: Is ISO17025 The Right Standard For Digital Forensics?

by Rich2005 Standardisation is currently the subject of animated discussion among digital forensic examiners worldwide. In this opinion piece, Rich2005 looks at the challenges of the ISO17025 standard for digital forensics and why it might not be the best choice for the field. Please note that the views contained within this article are the opinions … Continue reading

Walkthrough: Analyze DI Face Detection Recognition

Let’s check out the new features of the Face Detection within Griffeye Analyze DI. Make sure in the Analyze Forensic Market you have the Face and Video utility pack both activated before you create your case. Once you do so, we can go ahead and create a new case, and bring in our data. I’m … Continue reading

The “I’ve Been Hacked” Defence

By: Yuri Gubanov, Oleg Afonin (C) Belkasoft Research, 2016 Abstract This article was inspired by an active discussion in one of the forensic listservs. Original post was asking on how to fight with an argument “This is not me, this is a malware”. The suspect was allegedly downloading and viewing illicit child photos and was … Continue reading

Windows 8 Touch Keyboard Forensics

Microsoft released Windows 8 in 2012. With this new version, Microsoft made a fundamental shift in Windows 8 as compare to older versions of Windows. It does not only target netbooks, laptops and traditional computers, instead they decided to use the same technology in Windows 8 tablets. This is why Windows 8 operating system is … Continue reading

Webmail Forensics – Digging deeper into Browsers and Mobile Applications

Almost everyone who uses the Internet has a web-based email account. Many people have two or more, so the likelihood of a forensic investigator coming across a case involving webmail communication is very high. While law enforcement examiners can ask service providers for the email contents through a court order, corporate and non-government examiners have … Continue reading

Bitcoin Forensics Part II: The Secret Web Strikes Back

In last week’s post, we talked about Bitcoin, Tor and some of the hidden websites only accessible via Tor, such as Silk Road, which was shut down by the FBI on October 1st. Well, just over a month later and Silk Road is back online: You can reach the new site at this link (again, … Continue reading

Bitcoin Forensics – A Journey into the Dark Web

There has been a lot of buzz around Tor, Bitcoin, and the so-called “dark web” (or “deep web”) since the FBI shut down the underground website “Silk Road” on Oct 1st. As many of you already know, Tor is a network of encrypted, virtual tunnels that allows people to use the internet anonymously, hiding their … Continue reading

Analysis Of iOS Notes App

As part of my third year studying Digital Security,Forensics & Ethical Hacking at GCU, I took part in a group research project to study the artifacts created when using the notes app on an iPad Mini, and if they could be used as evidence. This post is really just going to explain what I did, … Continue reading

Autopsy 3: Windows-based, Easy to Use, and Free

If you are like many digital investigators, you’ve heard about the Autopsy™ digital forensics tool and associate it with a course that used Linux to analyze a device.  Or, maybe you associate it with a book that made references to the Linux/OS X tool, but it wasn’t applicable to you at the time because you … Continue reading

Windows 8: Important Considerations for Computer Forensics and Electronic Discovery

Introduction Documents identified by computer forensic investigations in civil litigation typically require review and analysis by attorneys to determine if the uncovered evidence could support causes of action such as breach of contract, breach of fiduciary duty, misappropriation of trade secrets, tortious interference, or unfair competition.  In addition, bit-for-bit forensic imaging of workstations is also … Continue reading

Mobile Phone Forensic Challenges

Introduction A great number of the mobile phones used worldwide every second require special knowledge and skills from forensic experts.  More often it is not enough to be an experienced expert in computer forensics to understand all the peculiarities and difficulties of the mobile forensics. This article describes technical problems encountered by specialists in mobile … Continue reading

Forensic Toolkit v3 Tips and Tricks – On a budget

While researching FTK 3X and Oracle, you just recently discovered that the best configuration of your Oracle database would be on a solid state drive (SSD). Solid state drives give the maximum level of performance to Oracle databases and in turn speed up your FTK 3X responsiveness. You are a conscientious analyst and decide to try … Continue reading

Forensic Toolkit v3 Tips and Tricks – Re-indexing a case

This is the first in a series of articles that will cover topics concerning AccessData Forensic Toolkit (FTK) version 3. So you’ve created a case in FTK 3.X / Oracle and added 20 forensic images of seized computers and assorted media which previously had been successfully processed and indexed. You’ve worked on this case for weeks, painstakingly … Continue reading

Digital Forensics on a (less than) shoestring budget – Part 2

by Ken Pryor In my last post, I talked about the various ways one can find training resources to assist in getting started in the field of digital forensics. In this post, I will go over some of the free and low cost software you can use and related information. A few years ago when … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,152 other followers