PowerShell and Python Together: Targeting Digital Investigations
A new book by Chet Hosmer has been released. The book will teach you how to use PowerShell and Python for conducting digital…
The Most Essential Image Data Retrieval for Digital Forensic Experts
This article is a general explanation why and how forensic experts and first responders could benefit from a tool that provi…
Cobalt Strike Remote Threads Detection
Olaf Hartong has writted a blog post in which he shows how to use “Create Remote Thread” events to detect process injection …
Refined VirusShare Hash Sets
MantaRay Forensics team converted VirusShare.com 0-337 hash sets to RAW, EnCase and Autopsy format. The new set co…
Windows Forensics: Event Trace Logs
Looking for a “new” Windows artifact that is currently being underutilized and contains a wealth of information? Event Traci…
Extract forensic timeline from memory dumps with AutoTimeliner
Andrea Fortuna created the AutoTimeliner, a tool that “automagically extract forensic timeline from volatile memo…
RBCmd: Recycle Bin artifact parser
Eric Zimmerman has released a new tool. This time it’s Recycle Bin artifact parser called RBCmd. It supports both…
Building your Android Application Testing Toolbox
This webcast explores the following topics: 1) Choosing the best test device 2) Rooting your Android 3) Utilizing File Brows…
Robust Use of PsExec That Doesn’t Reveal Password Hashes
Brian Carrier and Chris Ray have found a way how to run PsExec and not reveal admin password hash. Check this blog post to l…
Learning Android Forensics – Second Edition
Packt Publishing has annonced the second edition of Learning Android Forensics. The new book by Oleg Skulkin, Donn…
