For the German journal iX we tested recently the Shadow 2 box from VOOM Technologies
Live Evidence Preview with Shadow 2
«
29 September 2006 |
18:10 |
Forensics, Tools |
No Comments | 1,841 Views
»
NIST Draft on Cell Phone Forensics
«
6 September 2006 |
7:20 |
Forensics, Guidelines, Tools |
No Comments | 1,725 Views
»
NIST recently published a new draft on Cell Phone Forensics for public comment. Download here.
NIST recently published a new draft on Cell Phone Forensics for public comment. Download here.
Computer Forensics Training in Berlin
«
2 September 2006 |
12:31 |
Events, Forensics |
1 Comment | 1,686 Views
»
My company the HiSolutions AG plans a hands on computer forensics training in Berlin. More information are available on http://computer-forensik.org in geman language.
My company the HiSolutions AG plans a hands on computer forensics training in Berlin. More information are available on http://computer-forensik.org in geman language.
The Sleutkit 2.06 and Autopsy 2.08
«
2 September 2006 |
11:57 |
Forensics, Tools |
22 Comments | 3,957 Views
»
Brain Carrier just released new version of his disk forensics tools. You can download The Sleuthkit 2.06 an Autopsy 2.08 from http://www.sleuthkit.org/. Update: There is a new windows version available.
Brain Carrier just released new version of his disk forensics tools. You can download The Sleuthkit 2.06 an Autopsy 2.08 from http://www.sleuthkit.org/. Update: There is a new windows version available.
Live View released
«
29 August 2006 |
13:48 |
Forensics, Live Response, Tools |
2 Comments | 1,972 Views
»
Brian Kaplan from Carnegie Mellon University just released a tool called Live View. With Live View you can convert a raw dd image or physical device to a VMware virtual machine.
Brian Kaplan from Carnegie Mellon University just released a tool called Live View. With Live View you can convert a raw dd image or physical device to a VMware virtual machine.
The Sleuth Kit 2.05 released
«
30 July 2006 |
21:23 |
Forensics, Tools |
No Comments | 1,664 Views
»
Brian Carrier just released a new version of his computer forensics tool kit *). Changes on The Sleuth Kit (TSK):
Brian Carrier just released a new version of his computer forensics tool kit *). Changes on The Sleuth Kit (TSK):
Cell Phone Forensics Tools
«
7 July 2006 |
11:33 |
Forensics, Mobile Devices, Tools |
2 Comments | 3,500 Views
»
Cell Phone Forensics Tools Last year the NIST published an interesting paper about Cell Phone Forensics Tools. They tested a couple of this tools and made some interesting remarks on working with them.
Cell Phone Forensics Tools Last year the NIST published an interesting paper about Cell Phone Forensics Tools. They tested a couple of this tools and made some interesting remarks on working with them.
Forensic memory dumping issues
«
6 June 2006 |
11:44 |
Forensics, Live Response |
No Comments | 2,144 Views
»
Arne Vidstrom from ntsecurity.nu wrote an interesting paper about problems with forensic RAM dumps from Windows XP. His summary on this topic
Arne Vidstrom from ntsecurity.nu wrote an interesting paper about problems with forensic RAM dumps from Windows XP. His summary on this topic
Sleuthkit 2.04 and Autopsy 2.07 published
«
26 May 2006 |
12:57 |
Forensics, Tools |
No Comments | 1,902 Views
»
New versions from Sleuthkit & Autopsy. Brian Carrier published new versions from his outstandig open source forensics tools. Sleuthkit 2.04 has the following bugfixes and new features (taken from changelog):
New versions from Sleuthkit & Autopsy. Brian Carrier published new versions from his outstandig open source forensics tools. Sleuthkit 2.04 has the following bugfixes and new features (taken from changelog):
windows memory analysis
«
6 April 2006 |
22:09 |
Forensics, Live Response |
No Comments | 2,586 Views
»
Andreas Schuster recently published on his blog two interesting articles about process memory reconstruction. He describes how to
Andreas Schuster recently published on his blog two interesting articles about process memory reconstruction. He describes how to
