Mobile Phone Forensics: S7 Edge secure startup
shahar: I know pretty well the difference between Secure Boot and Secure Startup Sometimes you don't need to deal with the Trusted Zone, the encryption key derived from the hardware key and the user...
View ArticleGeneral Discussion: Interesting Supreme Court decision
Nick.Barker1011 wrote: CellHawk has a free support site to help investigators write their search warrants. Nick, for clarity/full disclosure, you should add your qualifications of Marketing Manager of...
View ArticleMobile Phone Forensics: Decrypt iOS Keychain
Well, I've been using Elcomsoft to deal with iOS encrypted backups but lately, it doesn't do good work as it can't get even 80% of the passwords and they are still shown encrypted. So, my question is,...
View ArticleGeneral Discussion: Mobile Forensics Discord Server
We're rapidly approaching 350 members. Just recently, an influx of TeelTech employees joined so we're thrilled to have them aboard along with the other vendors present.
View ArticleMobile Phone Forensics: iOS Bruteforce
Well I will disclose what hasn't work for me so far: I tested on iOS 11.4 and on 11.1.2 without success. I purchased a lightning to USB adapter that allows you to feed power and plug a usb device into...
View ArticleMobile Phone Forensics: iOS Bruteforce
I noticed something very interesting when re-watching the video he posted. At 16 seconds, if you pause it, you'll notice the following: HDBox-Keyboard. Now at this point he has plugged the phone in (to...
View ArticleGeneral Discussion: Are shell bags reset when new version of Windows installed?
I can't find any shell bags prior to installation of Windows 10. Previously it was running Windows 8.
View ArticleGeneral Discussion: Encrypted Mac image missing Recovery HDD and Un-mountable
So I restored this .img image to a physical disk and connect it to my macOS VM. Here are some more observations: - Using diskutil list in command line I can see the drive connected with three volumes -...
View ArticleMobile Phone Forensics: iOS Bruteforce
Figured it out! It does definitely work on 11.4 and almost as described by the author. They've updated the article, but I think he was close to on the money.
View ArticleGeneral Discussion: Are shell bags reset when new version of Windows installed?
Few questions (because I dont know the answer....the update could wipe shellbags, not sure) What is the install date of the OS compared to the creation date of the USRClass.dat? What is the creation...
View ArticleGeneral Discussion: Encrypted Mac image missing Recovery HDD and Un-mountable
@randomaccess it does sound like a feasible way to try. However I'm trying to get my head around how to do it - am I right in thinking that an 'option boot' (using the 'C' key at startup?) will allow...
View ArticleMobile Phone Forensics: NOTE 3 NEO SM-N7502 nand chip ??
Based on the different picture, that big chip to the left of SIM/microSD card reader. Should be a Toshiba eMMC, most likely BGA153.
View ArticleMobile Phone Forensics: iOS Bruteforce
Yeah I was reading the retractions yesterday. The piece I don't get is how he was able to send the full string without a timeout. Nothing I did could reproduce those results as both devices I tested...
View ArticleMobile Phone Forensics: Whatsapp ChatSearchV3 sqlite database
pcook8198 wrote: Hi Paul Fantastic. We've been scratching our collective brain cell to figure it out. Very much appreciated. Kind regards Paul Thank you for your help, Paul. I'm glad you were intrigued...
View ArticleGeneral Discussion: same usb at the same time !!
jaclaz wrote: And, AGAIN, you are mixing what happened on the SAME date: 1) early in the morning up to 8:30 AM 2) around lunch time, i.e. from 1:00 to 2:00 PM The "MicrosoftWindowsSystemRestoreSR"...
View ArticleDigital Forensics Job Vacancies: Digital Forensic\eDisclosure Position - MD5...
Digital Forensic\eDisclosure Position - MD5 - West Yorkshire MD5 Limited, based in Normanton, West Yorkshire are pleased to announce a very exciting opportunity for an experienced Digital...
View ArticleGeneral Discussion: Help with final project.URGENT
I really need help with my final project, Im planning to work on one of these topics. Small to Medium business DDOS Detection and protection with Data mining or DDoS protection frameworks/systems for...
View ArticleGeneral Discussion: Chip-Off recovery Olympus Recorder
We have a Olympus VN-7800 that we need to recover deleted recordings from. We went down the avenue of a Chip-Off recovery and obtained a full binary dump of the 4GB BGA169 chip. Looking at the data in...
View ArticleForensic Software: Axiom User Account Information
clou93 wrote: Hi Jamie, Thanks for your response, I hope the below helps: I am looking at at 'user accounts'. When looking at a particular user's account, in the pane on the right hand side it states...
View ArticleGeneral Discussion: Chip-Off recovery Olympus Recorder
UnallocatedClusters wrote: Hello, Can you share what is stored in the Index.dat file please? That might shed light on the other listed files. If you can extract out the files named...
View Article