Mobile Phone Forensics: Secure wipe and iphone forensics
Thank you all so much for you input. It really has helped a lot. im curious would anyone be able to supply me with an example picture of the SQLite database that shows text messages that have been read...
View ArticleGeneral Discussion: Remote wipe of Mac Airbook
Thanks for the update. That is very interesting. It's probable that the first 64GB contained mostly the operating system and pre-installed programs, so this process left most of the user's files exposed.
View ArticleForensic Hardware: What software is on your go kit laptop?
i have a 64GB USB3 drive i have: osTriage X-Ways Forensics TrueCrypt EditPad Pro VLCPortable ThunderbirdPortable FTK Imager
View ArticleMobile Phone Forensics: RF shielding
Some scientific references: http://www.ce-mag.com/archive/01/Spring/Ogunsola.html http://www.emcs.org/acstrial/newsletters/winter09/pp2.pdf The first linked article suggests that currently the only...
View ArticleForensic Hardware: Basic question on imaging
I like to "slave" the target device(s), unless they cannot be powered down for some reason.
View ArticleForensic Software: Creating a keyword from the image
Think also about non-text files, compound files, compressed files, encrypted files, etc . . .
View ArticleMobile Phone Forensics: Free tool nokia (symbian) forensic
There are other tools but as your question is general ebquiry bombone, I make some general observations You could investigate along the lines of: Developer tool - Carbide ++ and add Symbian SDK pack...
View ArticleEducation and Training: Which Forensic certificate(s) are most in demand?
Just wanted to add my bit of info on this as our dept is currently looking for a Forensic Examiner with the min req of: EnCE, CFCE, CCE, CISSP, GCFE, and GCFA. I work in computer forensics/incident...
View ArticleForensic Software: Indexing a Mac disk image in X-Ways
I rarely index an image in X-Ways Forensics because the simultaneous search option is usually fast enough. On this occasion I'm trying it though, and I'd like to ask about code pages; I can select up...
View ArticleForensic Hardware: Basic question on imaging
I prefer to use a shuttle box with external E-Sata ports and an E-Sata write blocker. I then use Encase to create a compressed E01 and work of that. I rarely do bit for bit copies as I find that I only...
View ArticleForensic Hardware: Microsoft Surface Pro Tablet for Incident Response
It is surprisingly quick. It recovered an iPhone pin in short time and f response we able to download a gmail box I. About 15 min. The box contained about 4000 emails. Is there any way to get my hands...
View ArticleMobile Phone Forensics: SIM partitions
Hi guys, Im just in the early stages of learning about mobile phone forensics. My question is what is the partition system in SIM cards? I know that SIM & USIM are different types of sim cards...
View ArticleGeneral Discussion: Timeline for logon/logoff events
If you want to filter on account names, better to convert to CSV/Text format, fire up a command shell, then type: Quote:: type filename.csv | find /i "accountname">newfilename.csv This will produce...
View ArticleForensic Hardware: What software is on your go kit laptop?
pragmatopian wrote: I want a budget like that! :) You can start by showing your boss what you could use (as in having skills for) and what the benefits are from of getting that tool/software. You're...
View ArticleEducation and Training: Principles of Cyber Forensics
yannaing wrote: Hi everybody, I'm a degree student and making research essay regarding with cyber forensics . But , u all know making research is very challenging if u are freshie to this issue. And ,...
View ArticleEducation and Training: Newbie Student Questions About Algorithms
Quote:: We're learning how to write out algorithms for mathematical things, definitions, etc. The algorithms you will come in contact with will be embedded into software and you use them by clicking a...
View ArticleGeneral Discussion: Hard Drive Formatted. Need to identify date and time of this
Thanks for your reply Jaclaz. The Intellex software resides on a win 2000 install. The drive was fat 32 and appeared to have been re formatted as same, no label or partition created. thanks again I...
View ArticleMobile Phone Forensics: SIM partitions
smich wrote: Hi guys, Im just in the early stages of learning about mobile phone forensics. My question is what is the partition system in SIM cards? I know that SIM & USIM are different types of...
View ArticleGeneral Discussion: Hard Drive Formatted. Need to identify date and time of this
wonderboy wrote: I was mistaken earlier when I said no vol label, there is of course a 4 or 5 digit number! Good. A volume label on FAT 12/16/32 occupies an entry in (root) directory and since it is...
View Article