Rapid Provisioning of a Malware Analysis Environment
Adam Kramer has published a post in SANS DFIR blog about ‘rapid_env’. This is an open source tool he developed, …
The new version of Mandiant Redline supports Windows 10
Redline version 1.20 introduces support for collection from and analysis of Window 10 systems and is already available for d…
PPEE: cross-platform PE explorer
If you prefer to use different platforms for malware analysis and forensics, here is a good fresh tool for you – PPEE …
PsychoHasher: A Cross Platform Hashing Tool
PsychoHasher is a Java based open source tool for generating and verifying hashes for text, files, combined digest for multi…
A Comparison of Encryption Tools for Disk Data Storage from Digital Forensics Point of View
A closer look from a digital forensics point of view may help examiners to find and understand vulnerabilities in cryptograp…
AFEIC: Advanced Forensic Ext4 Inode Carving
In forensic computing, especially in the field of postmortem file system forensics, the reconstruction of lost or deleted fi…
Fix acquired EVT files with evtkit
evtkit is a Python tool, which can help a computer forensic examiner to fix acquired Windows Event Log files. It’s lig…
Demystifying Android Marshmallow Forensic Analysis
Magnet Forensics has published a fresh white paper: “Demystifying Android Marshmallow Forensic Analysis”. Readin…
A Guide to Eric Zimmerman’s command line tools
SANS Instructor and Former FBI Agent Eric Zimmerman has provided several open source command line tools free to the DFIR Com…
Proposed Workable Process Flow with Analysis Framework for Android Forensics in Cyber-Crime Investigation
Nowadays, android smartphones are becoming more popular and the greatest platform for mobile devices which has capability to…
