General Discussion: Shellbag analysis
Greg, gmkk wrote: As per ShellBags detailed structure, you may want to have a look at the following sources: Thanks for all of that information. What's very interesting is that several of the tools...
View ArticleGeneral Discussion: running Magnet/distorting HDD contents: urband legend?
jhup wrote: Last week, I have also managed to render a perpendicular drive useless with some very powerful Windows 8. Well, the good news are that there is a rather cheap cure for it <img...
View ArticleForensic Software: The X-Ways Forensics Practitioner's Guide
Sounds good! Keep the suggestions coming and lets start a list for those kinds of things here
View ArticleMobile Phone Forensics: Oxygen Forensics
Looking for anyone who can provide some feedback on Oxygen Forensic Android Rooting Addon. Any luck recovering deleted SMS with it?
View ArticleGeneral Discussion: USB 1st insertion dates and setupapi anomalies
Has anyone else seen this? From looking at what Brian's done I had no explanation as to why the setupapi was reporting a date of later than the install date in the registry. Unforuntately we havent...
View ArticleGeneral Discussion: Is possible rebuild a cut floppy disk & retrieve data?
I disagree Only SD always has a clock bit
View ArticleForensic Software: Making a file signature analyser tool
I guess I should be flattered that someone decided to set up a project or assignment around reverse engineering my software Seriously however, if you are starting from the point of not knowing a...
View ArticleGeneral Discussion: Email Forensics (Read / Unread)
It depends on the system used to send the email. If the sender fires off the email with a read receipt request, the mail recipient is normally prompted to respond to the read receipt. If the mail...
View ArticleForensic Software: Email deduplication
Hello all, I am new to this site and I have been in the Digital Forensics field for a few months. I recently found out that FTK does not hash emails. I have an email set coming from PST files of an...
View ArticleMobile Phone Forensics: SaraSoft Nokia 101
Just wanted to add that the Nokia 100 and 101 are supported for logical and file system extraction with the UFED native cable number 135. Also, I read above about physical extraction for the the Nokia...
View ArticleGeneral Discussion: Is possible rebuild a cut floppy disk & retrieve data?
Sorry I was just talking about 3.5" disks - I haven't seen a 5.25 for about 15 years
View ArticleGeneral Discussion: Adobe Camera Raw Cache files
minime2k9 wrote: Fortunately (or unfortunately depending on your view) I've located what I was looking for in the Adobe Bridge Cache, I would say fortunately<img src="images/smiles/icon_biggrin.gif"...
View ArticleMobile Phone Forensics: BMW Key Fob Mobile Phone
Never seen one, but the "platform" is (strangely enough) specified on the ebay page: Quote:: Platform: MTK MT6252A There are a whole set of "car key" low-cost China phones here:...
View ArticleMobile Phone Forensics: Oxygen Forensics
As much as I appreciated the free trial they offer, I found Oxygen to recover far less than other software based tools.
View ArticleForensic Software: Linux Scanning and Discovery technique problems
Traffic will be sent to various networks from whatever interface has a route to it depending on your routing table. I wouldnt worry about it tbh, as long as you can get traffic to the target IP I dont...
View ArticleForensic Software: The X-Ways Forensics Practitioner's Guide
Eric, would you please get in touch with me? The email address (fbi.gov) I have for you bounced. My email is scott.tucker [at] aptegra.com
View ArticleGeneral Discussion: Email Forensics (Read / Unread)
jbscarva, I understand that English might not be your first language. But that doesn't really excuse the vague nebulousness nature of your question. What E-mail client & OS? Is it web based Email?...
View ArticleMobile Phone Forensics: iPhone 5
JDiamond wrote: 1. What software has anyone used to successfully extract data from an iPhone 5? 2. Does the software allow for extraction of the slack space or unallocated space to try and recover the...
View ArticleMobile Phone Forensics: BMW Key Fob Mobile Phone
Thanks Jaclaz, I will check the platform, we have had many MTK devices in (I did have a farrari phone once) Thanks for the link, great help for getting started. 4R
View Article