Mobile Phone Forensics: China Clones
What kind of chinese phones?There are two kinds of chinese phones: 1 those made by china's relatively big companies such as Haier,ZTE,Huawei,Changhong,Bird 2 those made by minor companies(typically...
View ArticleMobile Phone Forensics: China Clones
Excellent feed back Thankyou to you all for your thoughts and software suggestions.
View ArticleGeneral Discussion: '.M4A' files and parsing the original created date
Dforensic5 wrote: Jaclaz, ... Once again thanks for your help.Good <img src="images/smiles/icon_smile.gif" alt="Smile" title="Smile" /> , you are welcome. jaclaz
View ArticleGeneral Discussion: localizing a mounted HD
Update (should be on "News", but I am posting it here so that Keydet89 and other people having issues with Total Mounter and it's "Chinese origin" can take notice of this). Another driver (this time a...
View ArticleGeneral Discussion: EnScript - How To Create one?
Chris_Ed wrote: lance wrote: I am no expert.. Forensic Focus UnderStatement Of The Year right here, ladies and gentlemen. Lance, I've personally found your tutorials to be better than even the official...
View ArticleGeneral Discussion: Digital Evidence Storage Ideas (Encase 7 Specific)
Hello, Just wondering how other members store and backup there digital evidence? Mainly E01 and E01X files. Currently our plan was build a hardware raid setup which would be connected to 2 workstations...
View ArticleGeneral Discussion: Info about uTorrent
One more, if you want to parse .torrent files themselves, try this one: http://sourceforge.net/projects/dumptorrent/ Good luck! Greg
View ArticleForensic Software: Remote Internet Explorer 10 history analysis
I am not familiar with how IEHV works, but if all you need is access to the drive, give F-Response a try. It can connect to a remote machine and mount a drive locally through iSCSI. To Windows, the...
View ArticleDigital Forensics Job Vacancies: Digital Forensics examiner, Charleston, SC, USA
Hey Bulldog, I applied for the position, I think it is awesome that you are looking to help someone get their foot in the door and get a start in Computer Forensics because it is so rare. I am about to...
View ArticleGeneral Discussion: Searching a hard drive for Evidence of FRAUD
I did not find an encrypted volume yet. I am a fairly new investigator and am unsure how to go about locating an encrypted volume. The suspect has two hard drives each with a default directory...
View ArticleGeneral Discussion: Interview with John Huperetes (username 'jhup')
An interview with John Huperetes, Senior Forensics Instructor and forum member 'jhup' is now online here. Many thanks to John for taking the time to share this thoughts! Jamie
View ArticleGeneral Discussion: ISO 17025
Should it be of use, there is a freely available book: http://www.unido.org/fileadmin/user_media/Publications/Pub_free/Complying_with_ISO_17025_A_practical_guidebook.pdf (published by the United...
View ArticleGeneral Discussion: Identifying the message direction in Skype's Message table
Hello, I carved some deleted Skype records from a main.db file and all the record fields seem to be correctly read, including the last ones, so the records have certainly not been overwritten (I also...
View ArticleForensic Software: YouTube Forensic s/w - free licences to LE
Good afternoon one and all YouTube Investigator v2.6.2 - improved performance on x64 platforms and on Win8.1 - download multiple videos simultaneously - additional video formats for output - search...
View ArticleGeneral Discussion: Youtube Video Forensics
Good afternoon Bruno, + Does youtube save the original videos? The original version of the uploaded video content is cached on YT servers very briefly (a matter of hours) - it is compressed and...
View ArticleForensic Software: FTK help.
Good afternoon Ehdelvin, Are you by any chance using FTK v1.8x? The standalone generation of FTK will simply not permit an incomplete or corrupted image set to be loaded and processed. It may be a...
View ArticleMobile Phone Forensics: Chip Off - Ace Laboratory - Russia
Do not underestimate the Russians, Indians, Pakistanis and Chinese when it comes to hard core chip-off work. I watched third-world lab worker reball a micro-FCBGA with a $2 soldering iron, like as if...
View ArticleGeneral Discussion: Virtual Machine Question
jmrose wrote: We do not want to take snapshots of the clones and back them up. We are mainly interested in being able to get the registry information from the clones. Do we need to copy the entire VMDK...
View ArticleGeneral Discussion: Acquisition of web site content
Zavattari wrote: As already said, You can copy web site using HT Track but for forensics purpose is useless. HT Track modify the source content of the page. If you find a content copied, you should use...
View ArticleForensic Software: Picture viewer with the timeline
Generate a report with Adroit and it will show you all manner of information along with the photo.
View Article