Forensic Software: BMC Viewer??
Excellent - thanks very much. I can see something which will definitely help the case!!!
View ArticleGeneral Discussion: Forensic acquisition of a Secure Boot enabled system
Rampage wrote: you need the USB flashdrive version as the CD won't boot if secure boot is enabled. My guessis that this depends on the specific BIOS/UEFI implementation of the machine, there are...
View ArticleMobile Phone Forensics: best software to clone mobile device physically (clone)
I am relatively new to Mobile Forensics however I may be able to shed some light. As far as i'm concerned the closest you will get to 'bit to bit' physical imaging would be performing a physical...
View ArticleGeneral Discussion: 32+TB Live Image
n00bcfe wrote: With that said, I was thinking about doing a live image of the data storage partition using FTK Imager Lite. This would give me a single DD image (yes, a very large dd image) of the...
View ArticleMobile Phone Forensics: cache.cell /cache.wifi
Greetings, I am relatively new to mobile forensics, and I am currently doing some testing with AccessData's Mobile Phone Examiner Plus (MPE+).I am interested in finding location information from my...
View ArticleForensic Software: Kerio FDB
Yes. They are Firebird databases, Kerio uses them for "light" installations without much data. Otherwise the data is stored in SQL Server for most of their products. You can get a ODBC driver or a GUI...
View ArticleMobile Phone Forensics: Issue with Pictures in Moments Apple 5s
Currently using Cellebrite UFED Classic and Physical Analyzer v. 3.9.5.192. I performed a file system extraction via the UFED Classic on an iPhone 5s. The trouble I'm running into is that a particular...
View ArticleGeneral Discussion: Grep
It is also important to have some details about the source document. Is it plain ASCII text, a PDF file, UTF-16. Does the text have line breaks in sensible places? How big are the file(s)?
View ArticleMobile Phone Forensics: best software to clone mobile device physically (clone)
A full bit to bit copy of the mobile phone is achieved only when you read the entire phone memory chip. This capability is not trivial and requires a much more advanced approach than most of the tools...
View ArticleForensic Software: Kerio FDB
The FDB files are the Exchange equivalent of OST I'm told. I have all the individual .eml files from the server and from backup archives, this is the last piece from the actual computer. I likely don't...
View ArticleGeneral Discussion: 32+TB Live Image
Is the server running in a virualised environment? What about obtaining a VHD snaphot instead of a logical acquisition.
View ArticleMobile Phone Forensics: Accessdata MPE+ SIM Card SMS Report BUG or Option??
Yes belive me MPE+ (--) is really slower than others, and then bring us this really problems that make us feel stupid in Court House... Support tell us to continue to be stupid, "All the others...
View ArticleGeneral Discussion: XBOX Live
Chris55728 wrote: From what I recall, the XBOX hard drive has a 'security sector' at the beginning of the hard drive which contains the hard drive make and model which is connected to the console that...
View ArticleDigital Forensics Job Vacancies: Australia - malware analyst - subcontract
hi,ecophobia: a little more detail I want to know 1.which kind does work belong to, Forensics or Anti-Virus or other 2.which platform will be the mainly work platform(win / linux / mac / android /ios/...
View ArticleGeneral Discussion: Grep
Dndschultz wrote: I'll try the "town.?{1,36}arson" As your requirement was 'within six words of'', you must also try ut with 'arson' in front of 'town'. Just be aware that 36 characters is not the same...
View ArticleMobile Phone Forensics: Need help with timestamps
keydet89 wrote: Have you tried contacting the vendor? You may get "an" answer quicker via sources such as this forum, but you will get "the" answer if you contact the vendor. If you're using a licensed...
View ArticleDigital Forensics Job Vacancies: eForensic Employment - Cheshire Constabulary
Cheshire Constabulary are recruiting for eForensic Investigator, Examiner and Technician posts at Police Headquarters, Winsford, Cheshire. The link the the current jobs portal can be found here....
View ArticleGeneral Discussion: Grep
Reconnoitre uses Lightgrep so this is what I am most familiar with, although Lightgrep is PRCE compatible grep. You *may* need to change the below to "Encase grep". Given that you can't do "within x...
View ArticleDigital Forensics Job Vacancies: eDiscovery Role-IT or Computer Forensic...
Please include the vacancy location in your post's subject line as per the forum rules, thank you.
View ArticleMobile Phone Forensics: HELP! iPhone 5 - iOS 7
NO EPILOG does not extract data from the phone instead it carves data from databases. As stated in my post if you have access to the sms.db there is a possibility to recover deleted messages. I do not...
View Article