Extract Common Windows Forensic Artifacts with ArtifactExtractor
ArtifactExtractor is a script that extracts common Windows artifacts from source images and VSCs. Artifacts in VSCs will be …
-
The Hitchhiker’s Guide to USB Forensics
If you are a digital forensic examiner, you must know, that clients very often ask to find…
-
Basic Dynamic Analysis of a Malicious VBScript
For a long time one of the most common sources of ransomware and other malware have been s…
-
How to Find Passwords for Encrypted iTunes Backups
Nowadays more and more people use encryption to protect the backups of their iPhone, iPad,…
Cyber Forensics Blog
Open Sourcing JA3: SSL/TLS Client Fingerprinting for Malware Detection
A JA3 hash represents the fingerprint of an SSL/TLS client application as detected via a network sensor or device, such as B…
Amcache and USB Device Tracking
Jason Hale has published an interesting post on how to use the amcache to track USB devices. You can find device serial numb…
Digital Forensics and Incident Response (DFIR) for ICS Embedded Devices
Chris Sistrunk of Mandiant shows tools and tips on the very new field of DFIR for PLC’s, RTU’s and other embedde…
Show More News
Random Post
The new version of Google Chrome forensics tool – Hindsight, – is released. Here are …
