In this article, we are going to take a close look at the fundamentally new sources of digital evidences that are typical for the new version of the Windows 10 operating system, such as Notification center, new browser Microsoft Edge and digital personal assistant Cortana. Also, we will study some of the sources that were in the previous versions of …
SQLite is a popular database format that is used in programs of both mobiles devices and personal computers. Most of the popular browsers such as Google Chrome, Mozilla Firefox and Yandex Browser, and a great number of messengers, for example WhatsApp, Viber, WeChat etc. keep their data in this format. This fact makes such databases a valuable source of digital …
In this article, we are dealing with the main principles of the detection and analysis of the Android operating system malware, considering that this operating system is widely used in the smartphones and tablets. The main tools that are used by the experts for Android applications analysis are described. Introduction; General characterization of the Android malware; Android malware detection; Anti-forensic …
As you may already know, one of the most recent updates of Belkasoft Evidence Center is BelkaImager or Belkasoft Acquisition Tool.
Joe Sylve has announced his new article together with Vico Marziale and Golden Richard III entitled “Modern Windows Hibernation File Analysis”.
Our digital forensics lab receives Mac computers for examination more and more often. There are some powerfull forensic suites for OS X analysis, but also there are a lot of very useful open source tools and scripts. One of such scripts is MacMRU-Parser.
Have you ever dug for deleted shadow copies during your Windows forensic examination?
In this post we want to show you how to create Mac OS X memory image with Rekall’s OSXPMem tool.
Login
