Windows Application Compatibility Forensics
Richard Davis has posted another video as a part of his “Introduction to Windows Forensics”, which shows three a…
Digital Forensic Diaries
Digital Forensic Diaries series by Mike Sheward is available for free this week. You can get it here. Mike Sheward CISSP, CI…
Detecting Lateral Movement through Tracking Event Logs
Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) presented an 80-page guide on how to detect lateral m…
An Introduction to VolUtility
Basil Alawi S.Taher has posted a nice overview of how to start using VolUtility – a web frontend for Volatility framew…
Volatility Memory Analysis: Building Linux Kernel Profiles
Joshua James has published a video-tutorial on how to build Linux kernel profiles for memory forensics with Volatility. He n…
Forensic Acquisition of Cloud Drives
Cloud computing and cloud storage services, in particular, pose a new challenge to digital forensic investigations. Currentl…
Introduction to Windows Forensics
Richard Davis has published another interesting video – an introduction to basic Windows forensics. He covers such top…
FSEParser v 2.1 released
New version of FSEventsParser has been released. FSEvents files are written to disk by OS X apis and contain historical reco…
Volatility Workbench Beta
PassMark Software has released a beta version of Volatility Workbench – a graphical user interface (GUI) for the Volat…
Mac FS Events Parser for Autopsy
Mark McKinnon has written a plugin that will export the /.fseventsd directory to the temp folder and will then call an execu…
