This Autopsy plugin by Rebecca Anderson won Autopsy Plugin Contest this year at Open Source Digital Forensics Conference (OSDFCon). It searches Virus Total for SHA1 hashes of executables from amcache. You can get the plugin here.
-
Incident Forensics Lifecycle
Recently I’m becoming more and more interested in cyber threat intelligence. I even … -
Shining a light on Spotlight: Leveraging Apple’s desktop search utility to recover deleted file metadata on macOS
Spotlight is a proprietary desktop search technology released by Apple in 2004 for its Mac… -
Load More Related Articles
-
AutoMacTC: Automated Mac Forensic Triage Collector
AutoMacTC is a modular forensic triage collection framework designed to access various for… -
Sysmon-Modular: A Sysmon Configuration Repository for Everybody to Customise
This is a Microsoft Sysinternals Sysmon configuration repository by Olaf Hartong, set up m… -
Recover Deleted Records in Windows.edb with WinSearchDBAnalyzer
WinSearchDBAnalyzer by Jeonghyeon Kim can parse normal records and recover deleted records…
Load More In Software
