NEWS

See the news from the field at a glance. Your daily forensics newspaper

Computer Forensics and E-discovery
October 5th
Note: The following does not represent the opinion of Mark McKinnon. He merely had the good grace to allow me a forum in which to post it after it was respectfully declined (for obvious reasons) by the SANS Institute's Forensic Blog. I wrote it chiefly b…
August 25th
This information was provided to me by Longshot (Just passing this great information along). Decoding the DateCreated and DateLastConnected registry values from the registry keys SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles\{GUID} In Vi…
August 7th
I know this whole blog has gotten pretty stale as there have not been any posts in a loooong time. Well I am going to try and remedy that with some good posts in the coming weeks. Well the skype log parser, which is my most downloaded tool, has gone thro…
Forensic Focus
June 11th
This webinar is part of the Nuix Investigate Power User webinar series. Search filters in Nuix Investigate are designed and built to help investigators and their cross-functional teams to get faster, better-informed answers from their data. Join Nuix Inve…
June 11th
The 2020 Digital Forensic Science Strategy highlights some of the main challenges UK Police Forces encounter today. Our white paper contains insights from Nuix subject matter experts Paul Slater (formerly of GMP, 25 years’ experience with digital fo…
June 10th
The latest version of Oxygen Forensic® Detective includes industry-exclusive support for Ring services by Ring, LLC. Investigators can now use Oxygen Forensic® Detective to extract data from Ring apps on PCs and mobile phones, as well as from Ring…
June 7th
Nuix lets investigators link evidence from multiple devices and sources to help law enforcement and investigative teams answer what the NPCC’s Digital Forensic Science Strategy defines as ‘meeting the data challenge.’ …
Forensic Video and Image Analysis BLOG
September 22nd
This will be the final post in this space. I've retired from the practice. I'll leave this free resource up as an artifact and a reference. So long, and thanks for all the fish.
March 27th
First of all, I hope this post finds you and yours in good health. I hope that you have enough to eat and have enough resources to meet your basic needs. I know that many folks have been sent home to work, some have even lost their jobs (some temporarily,…
March 25th
As firms and agencies urge their employees to work from home during the global pandemic, their employees’ confidential phone calls run the risk of being heard by Amazon.com Inc. and Google. Mishcon de Reya LLP, the U.K. law firm that famously advis…
March 11th
When creating case reports, I like to use the terms from our discipline as defined in the various standards documents. Here are some of the most popular terms, and their definitions. Saving these here for quick reference. DEFINITIONS The following defin…
Didier Stevens
June 11th
ssdeep.py is a Python tool to calculate ssdeep hashes using the ppdeep Python module. As I needed a Python implementation of an ssdeep tool, I decided to document the creation of such a tool with a video. I use my Python templates to quickly create this t…
June 11th
Here is an update to my Python templates. I use these templates as a starting point for new tools or for quick development of ad-hoc tools. I also recorded a video showing how to use my template to create your own tool: ssdeep Python Example Based On My T…
June 6th
As several things have changed since I published “Howto: Make Your Own Cert With OpenSSL on Windows” 5 years ago, I’m publishing an updated how-to. This time, I’m using the OpenSSL Windows binaries provided by the Curl developers: …
Digital Forensics Magazine News
August 21st
10% Discount For Students Students are eligible for a 10% discount on a DFM Digital Subscription.
Linux Sleuthing
May 2nd
Telling time in forensic computing can be complicated. User interfaces hide the complexity, usually displaying time stamps in a human readable format, e.g. 2017-05-02 18:36:23. But the time stamp is usually not recorded in this format. Instead, it is r…
September 29th
Every registered Android mobile device has an associated Google account. Google accounts usually mean Gmail. And, for investigators interested in the Gmail content stored on Androids, that content can be found in the /data/com.google.android.gm/database…
August 25th
I commonly use adb and fastboot to access Android devices. Ubuntu has packages for those tools making installation easy: $ sudo apt-get install android-tools-adb android-tools-fastboot But, in recent months, I have encountered instances where the adb …
August 24th
I decided to bite the bullet and try out Windows 10. I wanted to learn the new operating system and determine if I could run specific software/hardware combinations under the new Windows that I had been running in Windows 7, specifically Riffbox. I happ…
Sploited BLOG
January 21st
Welcome to 2013. I was fortunate to have some free time towards the end of last year which allowed me to catch up on some of my side projects such as the Malware Domain List script. Overall I had a great response from the community in regards to this scri…
December 28th
I thought as it's the end of the year it would be a good opportunity to briefly break away from the SANS Forensic Artifact posts I've been writing. In my own time I've been playing around with some code that parses a Timeline file for any URL discovered wi…
December 27th
I'm a little late to say this but firstly Happy Christmas to my readers out there. I've been fortunate enough to have a little time off but still find myself working the Christmas / New Year period. I hope some of you have more time off and can catch up o…
December 3rd
I thought I'd get through this next artifact fairly quickly as again I've done some work prior with my Firefox script which has the option available to parse the information out of the Downloads.sqlite database. Please note that the last category should ha…