Windows Forensics and Security
By Adrian Leon Mare www.ExpertDataForensics.com The world we live in today is a technologically advanced world. While on one hand, commercialization of IT (Information technology) revolutionized our...
Windows Logon Password – Get Windows Logon Password using Wdigest in Memory Dump
1. Introduction The former way to acquire the Windows logon password of a user is to get an NTLM hash value through the Windows logon session and registry, then crack it. [Figure 1] shows the well-known...
Forensics Europe Expo 2014 – Recap
Forensic Focus attended the Forensics Europe Expo at Kensington Olympia on the 29th & 30th of April. This article is a recap of some of the main highlights and over the next few weeks we will also...
Considering A Career in Audio-Video Forensics? Enhance Your Prospects With...
Have you ever discovered a software feature that, had you known of it sooner, could have helped you in a prior case? Have you been using the same software methods and workflow procedures for the least...
DFRWS Europe 2014 Annual Conference – Recap
This article is a recap of some of the main highlights of the Digital Forensics Research Workshop (DFRWS) held in Amsterdam from the 7th – 9th of May; over the next few weeks we will also be bringing...
Mac Memory Forensics – WeChat Analysis in a live system
The rapid growth in the usage of OS X has inspired forensics researchers to analyze devices such as the iPad, iPhone and Mac in depth. Therefore, OS X forensics, starting from Jonathan Zdziarski in...
Coming apart at the SIEMs …
Security Information and Event Management (SIEM) systems are all the rage at the moment – and with good cause. As you are all aware, one item of data does not a case make, it is the combination &...
Browser Anti Forensics
This write-up demonstrates how one’s browser history can go off track, misleading the examiner. An investigator can identify it by noticing oddities in the history; a sample is given in Figure 2....
The Complete Workflow of Forensic Image and Video Analysis
In this article we’ll describe the complete workflow for image and video forensics. In fact, just like computer forensics is not only simply copying and looking at files, forensic video analysis is...
Investigating the Dark Web – The Challenges of Online Anonymity for Digital...
The recent rise in the number of people who suspect they may be being tracked on the internet, whether by government agencies, advertisers or nefarious groups, has led to increased interest in...
Understanding Cyber Bullying – Notes for Digital Forensics Examiners
by Carole Phillips The phenomenon of cyber bullying has received a significant amount of attention in the last decade and literature in this field has grown exponentially with advice and guidance on...
Why Offender Profiling is Changing Thanks to Mobile Forensics and...
by Yuval Ben-Moshe, senior director of forensic technologies at Cellebrite Mobile forensics has changed the methodology when it comes to offender profiling. The frequent use of mobile devices has...
FT Cyber Security Summit 2014 – Recap
Forensic Focus attended the FT Cyber Security Summit in London on the 3rd of September. This article is a recap of some of the main highlights of the event. The Cyber Security Summit brought together...
Recovering Evidence from SSD Drives in 2014: Understanding TRIM, Garbage...
We published an article on SSD forensics in 2012. SSD self-corrosion, TRIM and garbage collection were little known and poorly understood phenomena at that time, while encrypting and compressing SSD...
A guide to RegRipper and the art of timeline building
Background I have often heard RegRipper mentioned on forums and websites and how it was supposed to make examining event logs, registry files and other similar files a breeze (the event logs and the...
How To Decrypt WeChat EnMicroMsg.db Database?
WeChat is a smartphone application where users can chat with their friends, share pictures, videos and audio chats. Users can also make free video calls and voice calls with their friends as long as...
Can You Get That License Plate?
We find ourselves analyzing new surveillance videos almost every day, and in most cases we can either solve the problem very quickly or understand (even quicker) that there is no information to recover...
Development of Digital Forensic Tools on Mobile Device, a Potential Area to...
Case Study: MobileTriage – JPEG Metadata Triage – Automated Extraction of Information using Mobile Forensic Tools Background Mobile devices are now becoming part of our daily lives. These devices can...
Extracting data from dump of mobile devices running Android operating system
In this article, we discuss the opportunities for using programs that are used on a day-to-day basis in computer forensics and examination for the analysis of mobile devices running Android...
Investigation and Intelligence Framework (IIF) – an evidence extraction model...
Authors Alan, Kelvin, Anthony and Zetta (VXRL) Disclaimer This framework was first introduced in DFRWS EU 2014 (the first DFRWS conference in Europe) at Amsterdam held in May and later presented at...