Education and Training: Writing Patterns Directly to Memory
Hi, Jaclaz, thanks for the information I will have a look into the guides you have put up. I have a bit of spare time to have a play around with the commands before I have to do the actual experiments....
View ArticleEducation and Training: Writing Patterns Directly to Memory
Christ143uk wrote: about the writing my own boot code but this may not be viable in the amount of time I have With all due respect <img src="images/smiles/icon_smile.gif" alt="Smile" title="Smile"...
View ArticleForensic Software: Picture viewer with the timeline
If I understand your question correctly Reconnoitre can do this for you. Its designed to work with images (and disks/volumes) but it would be easy to drop your images on a thumb drive and parse... If...
View ArticleMobile Phone Forensics: Junk Science? Your thoughts.
Larry interesting feed back thanks. Just a point are you sure i said those points you say that i am misinformed?
View ArticleForensic Software: A $LogFile parser utility for NTFS
The tool have been updated with lots of fixes and other configurable options to make it much more accurate and userfriendly. Import of output from mft2csv must be from latest mft2csv version (also...
View ArticleGeneral Discussion: question please
3ammary wrote: if i have file on drive d:/ which has created time 1-1-2013 . then it has been moved on the same harddisk . Okay, XP...let's assume NTFS. A file was created on the D:\ volume, and then...
View ArticleGeneral Discussion: FAS extraction - SOLVED DISREGARD
Has anyone had to retrieve data from a FAS setup? From what I can gather FAS (Fabric Attached Storage) is for all intents and purposes the same as NAS but with more connection and configuration...
View ArticleGeneral Discussion: lnk files analysis
CopyRight wrote: So Guys, 2 questions about lnk files, in the lnk file shown below, you can see the local path includes alot of Null values, why is that? No idea. Which tool produced that output?...
View ArticleGeneral Discussion: Acquisition of web site content
liguoroa, I would acquire the website using a few different options, e.g. wget, HTTrack, FAW, etc. and then compare the results to determine which one gives you the most complete/accurate results....
View ArticleMobile Phone Forensics: Junk Science? Your thoughts.
trewmte wrote: Larry interesting feed back thanks. Just a point are you sure i said those points you say that i am misinformed? I think you may have misread my post. In the first paragraph, I am...
View ArticleGeneral Discussion: Bitcoin Forensics Part II: The Secret Web Strikes Back
Article: Bitcoin Forensics Part II: The Secret Web Strikes Back Quote:: In an earlier article Jad Saliba of Magnet Forensics talked about Bitcoin, Tor and some of the hidden websites only accessible...
View ArticleGeneral Discussion: lnk files analysis
dont assume FTK is doing it right. what does the lnk files contents look like in hex? are all those NULL characters there? if not, find a new tool =)
View ArticleGeneral Discussion: Linux Forensics
Hi guys, Are there any books, online repositories or information regarding analysis of Linux OS's (ubuntu for example)? Im interested in finding out a bit more about the artefact types etc
View ArticleGeneral Discussion: FAS extraction - SOLVED DISREGARD
Just for info, It would seem that you are talking about a NetApp filer. They are basically NAS arrays. They run a proprietary raid called raid-dp, which is based in raid 6, and the file system is...
View ArticleGeneral Discussion: Working with iLook IXimager Images
Good Afternoon, We have some image files that were captured using iLook IXimager version 2.1 from December 24th 2007. We are struggling to find a way of interpreting or converting the image files. I...
View ArticleClassifieds: Cellebrite UFED Touch Ultimate (Rugged Version) for Sale
Is the unit still for sale? EFR
View ArticleMobile Phone Forensics: Best Practice to bypass Android lock
gryhound wrote: Like most, our department is seeing more and more pattern locked Android phones. We currently use Cellebrite UFED for our extractions, but with most Androids, rare is the day that one...
View ArticleEducation and Training: What Certs to get?
Wise and powerful forensic experts I beseech ye! I have my Msc In Digital Forensics, as well as my Meng in engineering, I have roughly 4 years of experience. I keep getting told I am too inexperienced...
View ArticleForensic Software: Picture viewer with the timeline
Check out Ghiro: http://www.getghiro.org/ It has more features than adroit, and it is open source..
View ArticleGeneral Discussion: Working with iLook IXimager Images
Contact has been made with Jim Baker at Perlustro and help has been provided. Thank you for peoples time and assistance.
View Article