Forensic Software: TSK / Autopsy 2.24 mmls tool results not the same.
binarybod thanks for that explanation that really helps. Now that I know I can check the exec.log and see exactly what Autopsy is doing that will help me learn more. On a side note I'm running Kali...
View ArticleMobile Phone Forensics: BLACKBERRY EVENT LOGS
Ron, Thanks RON. I had access to the UFED for a limited time but no longer have it as a tool. The UFED is head and shoulders above every other tool I have used. These event logs are in the time frame I...
View ArticleForensic Software: FTK5 upgrade confidence poll
How "immediately"? It will have to go through testing. There are questions about database migration that will have to be decided (as Oracle, while so far still supported, is not getting much if any...
View ArticleGeneral Discussion: .vox file Help
Hi, Thank you for your replys and help. I was told when they were handed over to me that they were audio files. I was using a program called "NBX audio converter" to play the files in which they were...
View ArticleGeneral Discussion: .vox file Help
drewseegolun wrote: "DTS Compact Audio" http://en.wikipedia.org/wiki/DTS_(sound_system) According to the above Videolan should be able to decode/play them: http://www.videolan.org/ You checked the...
View ArticleMobile Phone Forensics: SIM partitions
jaclaz wrote: trewmte wrote: (U)SIM Examination (Physical) Pt1 - http://trewmte.blogspot.co.uk/2013/03/usim-examination-physical-pt1.html. Be careful when you post links, the board parser has included...
View ArticleGeneral Discussion: Pin Pad Tampering Case
I currently work in one of roles with chip and pin devices, magstripe, payment card terminals (fixed, NFC, BT and WiFi) and ID+V. Here are two reported cases of alleged doctored PIN pads secretly...
View ArticleForensic Software: x-ways x-tension api
Has anyone ever developed one of these or even seen one in use somewhere? I've seen the examples on the web site but was curious if many one has done any development against it.
View ArticleForensic Software: The X-Ways Forensics Practitioner's Guide
I've released several free tools 0n the blog that vastly improve the installation experience and xwf reporting. As an update we have about 4 chapters left to write. The blog is regularly updated with...
View ArticleForensic Software: FTK5 upgrade confidence poll
EricZimmerman wrote: I've heard it will be at least a grand more but haven't seen anything definitive. Then again that may be the price for the full version vs. Maintenance I'm pretty sure that's the...
View ArticleGeneral Discussion: OBJECTS.DATA: Purpose, Structure
Greetings, I am searching for detailed information on the purpose and structure of the OBJECTS.DATA file, located in restore points (RPx) folders. After spending the better part of several days...
View ArticleGeneral Discussion: RAID LIVE imaging
Here are 2 sceniaros, Scenario 1: An incident occured and an entire imaging process is needed to be applied on a live "Windows" sever without the move of restarting or switching off the windows. - The...
View ArticleMobile Phone Forensics: XRY Interpreting location history
Hi guys, I'm trying to analyse an android mobile phone as part of an assignment. Within the locations tab of XRY there is listed 127 location entries of which 110 are Wi-Fi and the remaining entries...
View ArticleGeneral Discussion: RAID LIVE imaging
I have done both. F-Response on either scenario then use your tool of choice on your capture/exam machine.
View ArticleGeneral Discussion: DIY antistatic shelf
Thanks Patrick for the reply. The drive caddie was not really in my plans but maybe it could be a solution. I am planning to use "bare bone" hard disks with the duplicator. One will be the suspect disk...
View ArticleGeneral Discussion: safely removing external HDD fails due to System $extend.
Hello I am asking advice about this subject here as no common computing expert waas able to answer me regarding this question: I have an external HDD containing a truecrypt , encrypted folder. When I...
View ArticleDigital Forensics Job Vacancies: Mobile phone examiners needed-Dubai
I am looking for applicants for a mobile phone examiner slot. The successful applicant(s) will need to be certified in XRY and/or Cellebrite. Experience with Radio Tactics Athena and ACESO would be...
View ArticleEducation and Training: Which Forensic certificate(s) are most in demand?
jhup wrote: You want them to have all of these certifications, and only 3 years of experience? qle479 wrote: Just wanted to add my bit of info on this as our dept is currently looking for a Forensic...
View ArticleForensic Software: The X-Ways Forensics Practitioner's Guide
Fantastic, can't wait for the book gents.
View ArticleForensic Software: Wireshark capture file?
your request is pretty vague, but... wireless: join the network and then listen on your wireless interface. you will have to get the wireless card in promiscuous mode to capture everything. backtrack...
View Article