As you may already know, one of the most recent updates of Belkasoft Evidence Center is BelkaImager or Belkasoft Acquisition Tool.

Joe Sylve has announced his new article together with Vico Marziale and Golden Richard III entitled “Modern Windows Hibernation File Analysis”. 

Our digital forensics lab receives Mac computers for examination more and more often. There are some powerfull forensic suites for OS X analysis, but also there are a lot of very useful open source tools and scripts. One of such scripts is MacMRU-Parser.

Have you ever dug for deleted shadow copies during your Windows forensic examination?

In this post we want to show you how to create Mac OS X memory image with Rekall’s OSXPMem tool.