Make Your Debian a Forensic Workstation
If you are looking for a SIFT replacement and already have a Debian workstation, this package is for you. Forensics-full pac…
Autopsy 4.6.0 Linux Beta 1
The first beta Linux version of your favourite open source DFIR tool Autopsy. You can download it here. Now the tool has the…
Forensic Lunch with Maxim Suhanov
This time the “Forensic Lunch” with David Cowen meets Maxim Suhanov – digital forensics analyst, researche…
ReversingLabs Hash Query Plugin for Autopsy
Polito Inc. has partnered with ReversingLabs (RL) and has developed a plugin extension called ReversingLabs Lookup Utility f…
Volatility Profiles and Windows 10
As of the recording of this video, the current version of Volatility is 2.6; however, even if you have this version installe…
Forensic Analysis of Damaged SQLite Databases
SQLite databases are very common sources of forensic artifacts nowadays. A lot of mobile applications store data in such dat…
The Power of Logging in Incident Response
In this post Brad Garnett writes about the importance of logging in incident response. Brad mentions such important digital …
Forensic Challenges
Amam Hardikar has collected forensic challenges (including computer forensics, network forensics, malware analysis, etc) fro…
The Sleuth Kit and Autopsy 4.6.0 have been released
The Sleuth Kit and Autopsy 4.6.0 are available for downloading. Here are the lists of new features: The Sleuth Kit New Commu…
Threat Hunting Reconnaissance Toolkit
Threat Hunting Reconnaissance Toolkit or THRecon is a collection of PowerShell scripts by Tony Phipps, which can be very use…
