Standard Units in Digital Forensics
by Dr Chris Hargreaves Lecturer at the Centre for Forensic Computing at Cranfield University in Shrivenham, UK. One of the earliest lectures in the MIT Openware programme in Physics begins with the...
View ArticleAndroid Forensics Study of Password and Pattern Lock Protection
Let’s see what Pattern Lock is, how to access, determine or even get rid of it? We’ll also speak about Password Lock Protection and find out what it has in common with Pattern Lock. And finally we’ll...
View ArticleParallels hard drive image converting for analysis
Abstract The other day, talking to one of the analysts in Dallas, a question emerged about analyzing Parallels’ virtual machine hard drives. To my surprise, I did not find many help on this issue...
View ArticleGenerating computer forensic supertimelines under Linux: A comprehensive...
When the authors first published this paper, their intentions were to develop a comprehensive guide to digital forensic timelines in order to consolidate the many fragmented sources of information...
View ArticleInterpretation of NTFS Timestamps
Introduction File and directory timestamps are one of the resources forensic analysts use for determining when something happened, or in what particular order a sequence of events took place. As these...
View ArticleGeo-tagging & Photo Tracking On iOS
As you may already know, Apple has always been criticized for using their extremely popular devices to track users and use this information to expand their own databases. This tutorial assumes that you...
View ArticleForGe – Computer Forensic Test Image Generator
Introduction Creating test material for computer forensic teaching or tool testing purposes has been a known problem. I encountered the issue in my studies of Computer Forensics at the University of...
View ArticleAnalysis Of iOS Notes App
As part of my third year studying Digital Security,Forensics & Ethical Hacking at GCU, I took part in a group research project to study the artifacts created when using the notes app on an iPad...
View ArticleOS X Mavericks Metadata
Apple recently released the newest version of their desktop operating system, Mac OS X Mavericks. As a free update to all supported Apple desktops and laptops, a wide adoption rate was expected, and...
View ArticleForensic analysis of the ESE database in Internet Explorer 10
———————————————————— Due to me not being able to reformat our thesis in a good way I strongly suggest you look at the whole paper in PDF format here:...
View ArticleSamsung Galaxy Android 4.3 Jelly Bean acquisition using Joint Test Action...
There have been some issues during data acquisitions with Samsung Galaxy having the Android 4.3, Jelly Bean as the operating system even if using the recommended steps for Logical File Dump, File...
View ArticleWindows Forensics and Security
By Adrian Leon Mare www.ExpertDataForensics.com The world we live in today is a technologically advanced world. While on one hand, commercialization of IT (Information technology) revolutionized our...
View ArticleLinux Timestamps, Oh boy!
Timestamps are critical for analysts; they usually deal with different filesystems and understanding how the file timestamps work on each is crucial to what they do. If you do an online search for...
View ArticleImm2Virtual: A Windows GUI To Virtualize Directly From Disk Image File
by Nanni Bassetti Sometimes during a computer forensic investigation, we need to virtualize our image disk, because it could be useful for checking or finding something of interest. If we need to...
View ArticleHow To Parse AirDrop Artifacts In Magnet AXIOM
Hey everyone, Trey Amick from Magnet Forensics here. Today we’re going to be looking at a new set of artifacts specific to Mac investigations, which will be released as part of the AXIOM 3.8 release....
View Article