SANS Instructor and Former FBI Agent Eric Zimmerman has provided several open source command line tools free to the DFIR Com…

Travis Smith has published a post about fileless malware on The State of Security. He notes that this type of malware isn…

Brian Moran from BriMor Labs has posted an article on how to load a SQL .bak file for analysis, without SQL Server previousl…

Increased use of cloud storage services have become a necessity alternative that complements the main storage media in every…

Here is a paper by Aron Warren from SANS Institute Reading Room site about Tor browser artifacts in Windows 10. The Tor netw…

Srum-dump is an open source tool by Mark Baggett, which creates an excel spreadsheet containing forensics artifacts containe…

In this article, we are going to take a close look at the fundamentally new sources of digital evidences that are typical fo…

BlackBag Training Team has published a fresh post. This time they are speaking about Windows Volume Shadow Copies. You will …

Windows Forensics is the most comprehensive and up-to-date resource for those wishing to leverage the power of Linux and fre…

The records maintained by Jump Lists have the potential to provide a rich source of evidence about users’ historic act…