Recover Deleted Records in Windows.edb with WinSearchDBAnalyzer
WinSearchDBAnalyzer by Jeonghyeon Kim can parse normal records and recover deleted records in Windows.edb. You can learn mor…
-
Amcache Forensics: Populated or Not?
New Sunday – new Funday! This week’s Sunday Funday presented the following cha…
-
Shellbags Forensics: Directory Viewing Preferences
Had some free time last week, so decided to participate in David Cowen’s Sunday Fund…
-
Silence: Dissecting Malicious CHM Files and Performing Forensic Analysis
Let’s continue to dissect unusual malicious email attachments used by modern APT. Th…
Cyber Forensics Blog
Visual Analysis with ProcDOT
In the new episode of “Introduction to Malware Analysis” series Richard Davis covers a very useful utility calle…
Threat Hunting Using Live Box Forensics
In a threat landscape characterized by targeted attacks, fileless malware, and other advanced hacking techniques, the days o…
UnifiedLogReader: A parser for Unified logging .tracev3 files
Yogesh Khatri has made public his Unified Logging parser – UnifiedLogReader. It’s still a work in progress, so i…
Show More News
