NEWS

See the news from the field at a glance. Your daily forensics newspaper

Computer Forensics and E-discovery
October 5th
Note: The following does not represent the opinion of Mark McKinnon. He merely had the good grace to allow me a forum in which to post it after it was respectfully declined (for obvious reasons) by the SANS Institute's Forensic Blog. I wrote it chiefly b…
August 25th
This information was provided to me by Longshot (Just passing this great information along). Decoding the DateCreated and DateLastConnected registry values from the registry keys SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles\{GUID} In Vi…
August 7th
I know this whole blog has gotten pretty stale as there have not been any posts in a loooong time. Well I am going to try and remedy that with some good posts in the coming weeks. Well the skype log parser, which is my most downloaded tool, has gone thro…
Forensic Focus
January 28th
Replay, Recover, Enhance, Analyze. The Completion of Video Forensics. In this video we introduce how MD-VIDEO operates to select and analyze various types of video files. Find the tutorial video below and don’t miss our next How-to episode! If you have…
January 28th
Phil: Hello, everyone. Welcome to another webinar in the Nuix webinar series. Today we are going to be talking about enriching Nuix processing and Nuix Investigate for information governance. So just for introductions, my name is Phil Glod. I’m a…
January 27th
Magnet AXIOM 4.9 and Magnet AXIOM Cyber 4.9 are now available to help you more easily share your Portable Cases, get additional customizations and controls for your Exports, and more! Plus, another huge announcement for AXIOM Cyber! Many corporate forensi…
January 27th
Today’s XRY 9.3.1 release arrives with a number of improvements ensuring your ability to access the latest devices and applications. We have added improvements for Security Bypass features to enable you to access valuable data from locked Samsung…
Forensic Video and Image Analysis BLOG
September 22nd
This will be the final post in this space. I've retired from the practice. I'll leave this free resource up as an artifact and a reference. So long, and thanks for all the fish.
March 27th
First of all, I hope this post finds you and yours in good health. I hope that you have enough to eat and have enough resources to meet your basic needs. I know that many folks have been sent home to work, some have even lost their jobs (some temporarily,…
March 25th
As firms and agencies urge their employees to work from home during the global pandemic, their employees’ confidential phone calls run the risk of being heard by Amazon.com Inc. and Google. Mishcon de Reya LLP, the U.K. law firm that famously advis…
March 11th
When creating case reports, I like to use the terms from our discipline as defined in the various standards documents. Here are some of the most popular terms, and their definitions. Saving these here for quick reference. DEFINITIONS The following defin…
Didier Stevens
January 27th
I released an update to my 010 Editor script XORSelection.1sc. 010 is a binary editor with a scripting engine. XORSelection.1sc is a script I wrote years ago, that will XOR-encode a (partial) file open in the editor. The first version just accepted a prin…
January 23rd
This new version brings an update to the Pascal feature of strings.py, my tool to extract strings from arbitrary files. I had to analyze compiled Lua code (compiled with Lua 5.2): Lua 5.2 byte code stores strings like C strings and Pascal strings. The str…
January 22nd
This is a new version of my tool to search with regular expression, adds a -F (--filter) option to filter search results. re-search_V0_0_15.zip (https) MD5: E68D42F9F943335961C12BED7AD459A7 SHA256: 47F837C198CC3033B9C07086EA4FD0484BC40CE850723B4F6A84…
Digital Forensics Magazine News
August 21st
10% Discount For Students Students are eligible for a 10% discount on a DFM Digital Subscription.
Linux Sleuthing
May 2nd
Telling time in forensic computing can be complicated. User interfaces hide the complexity, usually displaying time stamps in a human readable format, e.g. 2017-05-02 18:36:23. But the time stamp is usually not recorded in this format. Instead, it is r…
September 29th
Every registered Android mobile device has an associated Google account. Google accounts usually mean Gmail. And, for investigators interested in the Gmail content stored on Androids, that content can be found in the /data/com.google.android.gm/database…
August 25th
I commonly use adb and fastboot to access Android devices. Ubuntu has packages for those tools making installation easy: $ sudo apt-get install android-tools-adb android-tools-fastboot But, in recent months, I have encountered instances where the adb …
August 24th
I decided to bite the bullet and try out Windows 10. I wanted to learn the new operating system and determine if I could run specific software/hardware combinations under the new Windows that I had been running in Windows 7, specifically Riffbox. I happ…
Sploited BLOG
January 21st
Welcome to 2013. I was fortunate to have some free time towards the end of last year which allowed me to catch up on some of my side projects such as the Malware Domain List script. Overall I had a great response from the community in regards to this scri…
December 28th
I thought as it's the end of the year it would be a good opportunity to briefly break away from the SANS Forensic Artifact posts I've been writing. In my own time I've been playing around with some code that parses a Timeline file for any URL discovered wi…
December 27th
I'm a little late to say this but firstly Happy Christmas to my readers out there. I've been fortunate enough to have a little time off but still find myself working the Christmas / New Year period. I hope some of you have more time off and can catch up o…
December 3rd
I thought I'd get through this next artifact fairly quickly as again I've done some work prior with my Firefox script which has the option available to parse the information out of the Downloads.sqlite database. Please note that the last category should ha…
DFI computer Forensics
August 21st
10% Discount For Students Students are eligible for a 10% discount on a DFM Digital Subscription.