Preston Miller from DPM Forensics has published a post on how to recover data from damaged USBs. In the post he discusses a few methods can be used to extract data from a broken USB device. You’ll learn how to remove the chip from the board and how to solder it onto the donor.

Joshua James from Cybercrime Technologies has recorded a nice tutorial on how to extract text from images with Tesseract-OCR. Here is the recording:

Nowadays, android smartphones are becoming more popular and the greatest platform for mobile devices which has capability to run millions of mobile phones in about more than 200 countries. It may bring not only convenience for people but also crimes or security issues. Some people are committed the crimes by using the technology and mobile devices. So, android forensics is …

This video shows how to use Magnet ACQUIRE to obtain a physical image of Android mobile phone devices using TWRP. The phone used in this video is a Samsung Galaxy S5 mobile phone (SM-G900W8) running Android 6.0.1:

Amanda Rousseau has published a course on basics of malware reverse engineering at her GitHub. The course consists of 6 sections: fundamentals, malware techniques, RE tools, triage analysis, static analysis and dynamic analysis.

Philippe Lagadec has published a blog post on how to find data hidden at the end of an OLE file. You will learn about Microsoft Compound File Binary Format (OLE format) and how to determine the end of OLE data to find hidden objects.

In recent years Android operating system, being installed on huge numbers of smartphones, tablets and other devices, had a breakthrough on the market. Following that success, the need to recover and analyze data from Android OS, became important part of mobile forensics. Consequently, many commercial and open-source mobile forensic tools became available for forensics investigators. The subject of this paper …

Brian Moran from BriMor Labs has posted an article on how to load a SQL .bak file for analysis, without SQL Server previously installed. The process consists of eight steps: 1) Download SQL Server 2016 SP1 Developer edition 2) Download Microsoft SQL Server Management Studio 3) Copy executables to flash drive 4) Copy executables to offline system 5) Install SQL Server …

NVISO Labs has published a blog post about analysis of some obfuscated scripts that they received. These files were already detected by automated scanners but as these are mainly malware droppers, they decided to do some manual analysis to determine where the actual malware is hosted.

Mark Robinson has published a post on how to carve data out of PCAPs. Step-by-step guides will show you how to do it with Wireshark, Bro IDS, and Network Miner.