NEWS

See the news from the field at a glance. Your daily forensic newspaper

Computer Forensics and E-discovery
October 5th
Note: The following does not represent the opinion of Mark McKinnon. He merely had the good grace to allow me a forum in which to post it after it was respectfully declined (for obvious reasons) by the SANS Institute's Forensic Blog. I wrote it chiefly b…
August 25th
This information was provided to me by Longshot (Just passing this great information along). Decoding the DateCreated and DateLastConnected registry values from the registry keys SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles\{GUID} In Vi…
August 7th
I know this whole blog has gotten pretty stale as there have not been any posts in a loooong time. Well I am going to try and remedy that with some good posts in the coming weeks. Well the Skype log parser, which is my most downloaded tool, has gone thro…
Forensic Focus
October 29th
Police Scotland evaluated its digital forensic technologies and processes against a workflow using Nuix Workstation and Nuix Investigate® in a series of drug supply cases and a multi-agency fraud case. Following a robust six-month proof of concep…
October 27th
Get me the CCTV! Show me the suspect! Enhance that blurry face! These phrases are very often heard in the numerous police shows we see on our screens these days. Although we have come a long way since the days …
October 22nd
Christa: How confident are you in the results of your digital forensics tools and techniques? Can you measure that confidence or defend it in a court of law? Welcome to the Forensic Focus podcast, where monthly we interview experts from the …
October 21st
A mobile device is a goldmine of data; in an era where 98% of investigations involve some form of digital evidence and data volumes continue to grow exponentially, having the most advanced mobile forensic tools at your disposal from first …
Forensic Video and Image Analysis BLOG
September 22nd
This will be the final post in this space. I've retired from the practice. I'll leave this free resource up as an artifact and a reference. So long, and thanks for all the fish.
March 27th
First of all, I hope this post finds you and yours in good health. I hope that you have enough to eat and have enough resources to meet your basic needs. I know that many folks have been sent home to work, some have even lost their jobs (some temporarily,…
March 25th
As firms and agencies urge their employees to work from home during the global pandemic, their employees’ confidential phone calls run the risk of being heard by Amazon.com Inc. and Google. Mishcon de Reya LLP, the U.K. law firm that famously advis…
March 11th
When creating case reports, I like to use the terms from our discipline as defined in the various standards documents. Here are some of the most popular terms, and their definitions. Saving these here for quick reference. DEFINITIONS The following defin…
Didier Stevens
October 30th
Whenever I upgrade the operating system of my virtual machines, I take a snapshot right after the upgrade. This gives me a tree of different OS versions: I give each snapshot a small descriptive name, that starts with the date of the snapshot (YYYYMMDD). T…
October 21st
This new version of strings.py, my tool to extract strings from arbitrary files, adds option -P to add support for Pascal strings. A Pascal string is a string that is internally stored with a length-prefix: an integer that counts the number of characters …
October 17th
This is a small bug fix release for Python 3. translate_v2_5_9.zip (https) MD5: 8EC7A9F0738C86CCF2F0B44D3994E798 SHA256: 3C469996F7014CC1BD5D4F02157B7D5803698D93018360904B79EA2A1601BD10
System Forensics
Digital Forensics Magazine News
August 21st
10% Discount For Students Students are eligible for a 10% discount on a DFM Digital Subscription.
Linux Sleuthing
May 2nd
Telling time in forensic computing can be complicated. User interfaces hide the complexity, usually displaying time stamps in a human readable format, e.g. 2017-05-02 18:36:23. But the time stamp is usually not recorded in this format. Instead, it is r…
September 29th
Every registered Android mobile device has an associated Google account. Google accounts usually mean Gmail. And, for investigators interested in the Gmail content stored on Androids, that content can be found in the /data/com.google.android.gm/database…
August 25th
I commonly use adb and fastboot to access Android devices. Ubuntu has packages for those tools making installation easy:
$ sudo apt-get install android-tools-adb android-tools-fastboot
But, in recent months, I have encountered instances where the adb …
August 24th
I decided to bite the bullet and try out Windows 10. I wanted to learn the new operating system and determine if I could run specific software/hardware combinations under the new Windows that I had been running in Windows 7, specifically Riffbox. I happ…
Sploited BLOG
January 21st
Welcome to 2013. I was fortunate to have some free time towards the end of last year which allowed me to catch up on some of my side projects such as the Malware Domain List script. Overall I had a great response from the community in regards to this scri…
December 28th
I thought as it's the end of the year it would be a good opportunity to briefly break away from the SANS Forensic Artifact posts I've been writing. In my own time I've been playing around with some code that parses a Timeline file for any URL discovered wi…
December 27th
I'm a little late to say this but firstly Happy Christmas to my readers out there. I've been fortunate enough to have a little time off but still find myself working the Christmas / New Year period. I hope some of you have more time off and can catch up o…
December 3rd
I thought I'd get through this next artifact fairly quickly as again I've done some work prior with my Firefox script which has the option available to parse the information out of the Downloads.sqlite database. Please note that the last category should ha…
DFI computer Forensics
August 21st
10% Discount For Students Students are eligible for a 10% discount on a DFM Digital Subscription.