One of our favorite forensicators – David Cowen, – has published a very interesting post in Hacking Exposed Comp…

Guys, we have created a Telegram group, where we will do our best to answer all your questions. We will be very happy if you…

evtkit is a Python tool, which can help a computer forensic examiner to fix acquired Windows Event Log files. It’s lig…

Mobile forensics is a branch of cyber forensics which helps in extracting evidence from mobile devices. A variety of softwar…

In this blog post guys from NVISO Labs answer Harlan Carvey’s question: “Did you parse the LNK file for things s…

SANS Instructor and Former FBI Agent Eric Zimmerman has provided several open source command line tools free to the DFIR Com…

Travis Smith has published a post about fileless malware on The State of Security. He notes that this type of malware isn…

Brian Moran from BriMor Labs has posted an article on how to load a SQL .bak file for analysis, without SQL Server previousl…

Increased use of cloud storage services have become a necessity alternative that complements the main storage media in every…

Here is a paper by Aron Warren from SANS Institute Reading Room site about Tor browser artifacts in Windows 10. The Tor netw…