Software
Most Recent
 
2017-11-26

Volatility Workbench Overview

Volatility is a well-known collection of tools used to extract digital artifacts from volatile memory (RAM). PassMark Software has released Volatility Workbench to make Volatility easier to use alongside OSForensics.

 

2017-11-18

Windows memory forensics on MacOS.

Daniel Pistelli shared a short post about Windows memory forensics on OSX. He described a piece of software called Profiler.

 

2017-11-17

FatCat Overview

The file system is the contents of the notepad, and the file is the word. For hard disks in a PC at the moment, two file systems are most common: FAT or NTFS. First FAT (FAT16) appeared, then FAT32, and then NTFS.

2017-11-11

RunPE Overview

Most hackers use remote access Trojans (RATs), and they almost always use the RunPE method. This method launches a legitimate executable (PE) file, often the default browser or a Microsoft system process, and replaces its code with malicious code directly in memory. The computer then runs the malicious code as if it were a legitimate process. Once this happens, your antivirus program does not know that your default browser has effectively been turned into a virus.
