Malcom: Malware Communication Analyzer
Malcom is a tool designed to analyze a system’s network communication using graphical representations of network traff…
The Most Essential Image Data Retrieval for Digital Forensic Experts
This article is a general explanation why and how forensic experts and first responders could benefit from a tool that provi…
Cobalt Strike Remote Threads Detection
Olaf Hartong has writted a blog post in which he shows how to use “Create Remote Thread” events to detect process injection …
PasteHunter
PasteHunter is a Python3 application that is designed to query a collection of sites that host publicliy pasted data. For al…
Open Forensic Images with Forensic7z
Forensic7z is a plugin for 7-Zip archiver that can be used for opening and browsing disk images created by specialized softw…
Forensic Challenges due to Encryption Mechanisms
Mobile devices investigation is a challenging field for forensic analysts, especially due to the increasing amount of data e…
Refined VirusShare Hash Sets
MantaRay Forensics team converted VirusShare.com 0-337 hash sets to RAW, EnCase and Autopsy format. The new set contains 31,…
Extract forensic timeline from memory dumps with AutoTimeliner
Andrea Fortuna created the AutoTimeliner, a tool that “automagically extract forensic timeline from volatile memory du…
RBCmd: Recycle Bin artifact parser
Eric Zimmerman has released a new tool. This time it’s Recycle Bin artifact parser called RBCmd. It supports both INFO…
Results from the 2018 Volatility Contests
Results from the 2018 Volatility Contests have been published. We congratulate Aliz Hammond and Team Decepticon with the fir…
