Windows 8: Important Considerations for Computer Forensics and Electronic...
Introduction Documents identified by computer forensic investigations in civil litigation typically require review and analysis by attorneys to determine if the uncovered evidence could support causes...
Forensic Artifact: Malware Analysis in Windows 8
Windows is the most used operating system worldwide. I have met a lot of IT guys in my country and also other computer elites. My discovery was that 90 percent of them use Windows. I felt maybe that...
Bad Sector Recovery
Hard drives are built in a way so that they never return unreliable data. This means that if a hard drive cannot guarantee 100 percent accuracy of the data requested, it will simply...
What are ‘gdocs’? Google Drive Data
As “the Cloud” (a varied mix of internet based services ranging from web-based email accounts, on-line storage and services that synchronise data across multiple computers) becomes more relevant and...
Forensic SQLite Extraction for Everyone
Artifacts all over Nowadays, SQLite databases became a very popular, common forensic resource; the new quasi-standard for storing information. They are found on smartphones, hard disc drives, thumb...
Will Digital Forensics Crack SSD’s?
by Mike Sheward, a contributor to InfoSec Resources. Digital forensics is one of the most interesting and exciting fields of information security that you can ever be fortunate enough to work in, but...
What are ‘gdocs’? Google Drive Data – part 2
Following up from the recent post on Google Drive, designed to give a high level introduction to the product, this post will delve a bit deeper into the technical issues relating to the data stored and...
Interpretation of NTFS Timestamps
Introduction File and directory timestamps are one of the resources forensic analysts use for determining when something happened, or in what particular order a sequence of events took place. As these...
Categorization of embedded system forensic collection methodologies
There are many classifications as far as forensic data collection is concerned, but much of it is still a de facto and Wild West when it comes to naming convention. This is especially true in the...
Mobile Device Geotags & Armed Forces
In recent years it has been noticeable that the amount of people carrying a smart phone has increased exponentially. This is down to their low price and availability; even children as young as 12 have...
KS – an open source bash script for indexing data
ABSTRACT: This is a keywords searching tool working on the allocated, unallocated data and the slackspace, using an indexer software and a database...
Geo-tagging & Photo Tracking On iOS
As you may already know, Apple has always been criticized for using their extremely popular devices to track users and use this information to expand their own databases. This tutorial assumes that you...
Android Forensics
The article covers several Android forensic techniques that can be helpful in a variety of situations. The techniques or discussions below can be either logical or physical. However, we will try to...
The need for Transnational and State-Sponsored Cyber Terrorism Laws and Code...
Today, terrorists are making the best use of information technology to carry out their objectives. The NATO definition of cyber terrorism is “a cyber attack using or exploiting computer or...
Catching the ghost: how to discover ephemeral evidence with Live RAM analysis
Oleg Afonin and Yuri Gubanov, contact@belkasoft.com © Belkasoft Research, 2013 Belkador Dali. “Losing volatile Evidence”. All rights reserved. Ephemeral Evidence Until very recently, it was a standard...
Extracting data from damaged mobile devices
For the last few years we have successfully extracted data from various mobile devices, such as cell phones, smartphones, tablets, etc. Among devices to be examined, we came across defective mobile...
Detecting Forged (Altered) Images
Are digital images submitted as court evidence genuine or have the pictures been altered or modified? We developed a range of algorithms performing automated authenticity analysis of JPEG images, and...
Cyberbullying – a growing concern in a connected society
Megan Meier was just twelve years old when the events began that would ultimately lead to her death. Like many teenagers, Megan had accounts on common social networks, including MySpace, where she...
Autopsy 3: Windows-based, Easy to Use, and Free
If you are like many digital investigators, you’ve heard about the Autopsy™ digital forensics tool and associate it with a course that used Linux to analyze a device. Or, maybe you associate it with a...
Geo-tag Forensics
Introduction A geo-tagged image is an image which holds geographical identification metadata. This data consists of latitude and longitude co-ordinates (sometimes altitude also). Though there are some...