Posts Tagged ‘BitLocker forensics’

Most Recent
 
Read More
2018-12-23

History of cryptocurrency incidents

Cryptocurrency is conquering the world rapidly. It is considered that the main distinctive features of cryptocurrency are decentralization, anonymity and security. However, deception, fraud, extortion and hacking are only some of the methods that can be used to steal  your cryptocurrency.

59
 
Read More
2017-12-31

Volatility plugin to extract BitLocker Full Volume Encryption Keys

Computer attacks constantly worry administrators and computer users. Earlier we already talked about volatility.

Plugin for the platform Volatility Framework, whose goal is to extract the encryption keys Full Volume Encryption Keys (FVEK) from memory. It works from Windows 7 to Windows 10. Unfortunately, the support for Windows 8 – 10 is very experimental, but it works in most cases with a few quirks.

622
 
Read More
2017-03-13

How to Recover BitLocker Keys

Thomas White conducts independent research on DFIR / Infosec / Malvare outside the main work. He writes how the changes in BitLocker after Windows 7 affect the master recovery keys and where to look for when recovering the keys in his last post.

 

579
 
Read More
2016-05-20

Volatility Framework plugin for extracting BitLocker FVEK

This plugin, developed by Marcin Ulikowski, finds and extracts Full Volume Encryption Key (FVEK) from memory dumps and/or hibernation files.

441
Latest Headlines
 
Read More
262
 
Read More
148
 
Read More
423

Trending Topics
digital forensics
computer forensics
Articles
mobile forensics
DFIR
digital forensics software
Android forensics
windows forensics
incident response
Top Stories
 
 
Right Now
 
bstrings 1.0 released
Top Five
Heat Index
 
1
Decrypting encrypted WhatsApp databases without the key
 
2
How to Make the Forensic Image of the Hard Drive
 
3
Extracting data from SmartSwitch backups
 
4
Forensic tools for your Mac
 
5
Android forensic analysis with Autopsy