GVFS metadata: Shellbags for Linux
There are a number of techniques that the perpetrator of an offence may use to hide data. These techniques include storing d…
Autopsy 4.6.0 Linux Beta 1
The first beta Linux version of your favourite open source DFIR tool Autopsy. You can download it here. Now the tool has the…
The Sleuth Kit and Autopsy 4.6.0 have been released
The Sleuth Kit and Autopsy 4.6.0 are available for downloading. Here are the lists of new features: The Sleuth Kit New Commu…
CyDefe Labs DFIR Challenges
If you don’t know what to do on a Sunday evening, there is a bunch of nice digital forensics and incident response cha…
Command Line Forensics For Linux
Craig Rowland from Sandfly Security discusses how to use basic Linux command line tools to do intrusion detection and digita…
What Is New in EXT4 from an Incident Analysis Perspective
ERNW has published an interesting white paper on the analysis of EXT4 file system in the context of an incident analysis, he…
EXT File System Recovery
The standard Linux fsck utility does a good job recovering damaged file systems. But can a deeper understanding of EXT file …
Autopsy 4.5.0 and the Sleuth Kit 4.5.0 have been released
The new versions of your favourite open source digital forensics tools – the Sleuth Kit and Autopsy have been released…
Plaso Heimdall Has Been Released
The Plaso development team has announced the new version of the tool – Heimdall. Here is the list of new features: New…
SANS SQLite Pocket Reference Guide
This guide is a supplement to SANS FOR518: Mac Forensic Analysis and SANS FOR585: Advanced Smartphone Forensics, and enhance…
