Education and Training: Book on how to conduct an investigation?
Audio wrote: Anyone know if there is a book that takes a general high level view on how to conduct an investigation? I figure since traditional forensics has been around for much longer and is a much...
View ArticleEducation and Training: Teaching yourself
One good way to learn is to write a program to analyse/ investigate/view certain issues that interest you.
View ArticleGeneral Discussion: Feedback on a New Forensics Website
Just my first impression on the site, have a close look at the language being used (the grammar is not the best either). Try and avoid phrases like "use the evidence against the suspect", police or...
View ArticleGeneral Discussion: Shell icon overlay identifiers (Registry Keys)
How do you know that keys existed in the Wow6432Node in the first place? Are you seeing deleted keys there? In my installation of Dropbox, there are no keys in this node. I am running a 64 bit...
View ArticleGeneral Discussion: Feedback on a New Forensics Website
Perhaps this is a little away from the point; but is a WordPress site enough to get you credits? I finished uni a couple of years ago, and I had to write everything from scratch (we weren't even...
View ArticleMobile Phone Forensics: Lamborghini phone
Hey Fort, Looks like we managed to get a Physical Dump out of it today using UFED Touch. May be some folks here could get you a plug in to decode the dump...
View ArticleMobile Phone Forensics: MXNEC phone
Hey, Looks like we managed to get a physical using UFED today, you might wanna ask the folks here is anyone has a good plug in decoder for MTK phones. Tks.
View ArticleEducation and Training: Caution-Infosec Institute Online Computer Forensics...
I'm sorry you feel cheated regarding that course, but it can be found within 30 seconds how others from this very forum feel about it, and another 10 seconds how the rest of the community feels. How...
View ArticleEducation and Training: Finding hacks over teamview
I play online games competitively. Sometimes people try to use hacking programs in the matches to win, but we can use a program called teamview to see their computer screen and have control of their...
View ArticleForensic Software: ILooKIX - What do you think?
I'm probably not using the correct terminology. The kernel is not debian or red hat or anything like that. We were able to write to NTFS using it long before it was common for linux users to be able to...
View ArticleMobile Phone Forensics: Mobile Forensics solution help (Cellebrite vs. Paraben)
MPD3373 to have access to other materials so as to cover as many bases as possible have you visited Bill Teel's website MobileForensicsCentral (http://www.mobileforensicscentral.com/mfc/products.asp)...
View ArticleForensic Software: EnCase 7 vs FTK4
PM_SQ wrote: Use their specifications guide to configure your system properly, put your DB on a dedicated SSD. And your ADTemp folder if you can. If in doubt, move the whole user directory in your...
View ArticleMobile Phone Forensics: adv examination on galaxy s3
Can anybody shed some light for me please? I am told there is such an exam as adv for an s3 -granted adv could stand for advanced- The exam will tell the exact times of illumination of the handsets...
View ArticleEducation and Training: Finding hacks over teamview
I doubt that the TeamView method is valid "generally". I mean in forensics (real digital forensics) the procedure is almost invariably the same (with some possible exceptions of course): "freeze"...
View ArticleForensic Hardware: Motherboard Recommendations
Went with another ASUS RIVE and added 64GB of Corsair 1866 RAM. Everything works fine EXCEPT I can not get Windows to report the full 64GB of RAM in the System window. The UEFI BIOS reports ~48GB in...
View ArticleEducation and Training: Training in Northern California (Santa Cruz, CA)
I hope a bump is okay? The April class has now since passed and was great. We still have the June and August classes with some openings, so if you are interested please reach out!
View ArticleGeneral Discussion: Mount Image Pro 4 and Truecrypt
gilly_uk wrote: Thanks for the hint <img src="images/smiles/icon_biggrin.gif" alt="Very Happy" title="Very Happy" /> I was running Win 7 x64.You are welcome <img...
View ArticleForensic Software: ILooKIX - What do you think?
jaclaz wrote: Maybe I am the only one using logic (or my logic is a particular kind of logic <img src="images/smiles/icon_eek.gif" alt="Shocked" title="Shocked" /> ) but till now I had gathered...
View ArticleMobile Phone Forensics: Need to get data from locked Motorola XT862 Verizon ASAP
my general suggestions tho are - try to find an equal spare device - try everything on it before "attacking" the real evidence - the techniques are generally invasive when it comes to flashing and...
View ArticleGeneral Discussion: Case File Sizes
Most of all my my CP cases I have worked, I have been getting 6-10 HDs (200GB-1TB) to examine. My department is running out of storage space.
View Article