Tag: Forensics

Autopsy is an open-source tool that performs forensic operations on the disk image of the evidence. Here, we display the forensic investigation that we conduct on the disk image. The results we obtain here help investigators locate relevant information. Law enforcement agencies and local police use this tool, and corporates can also use it to […]

Volatility Workbench is a GUI version of one of the most popular tool Volatility for analyzing the artifacts from a memory dump. It is available free of cost, open-source, and runs on the Windows Operating system. You can download it from Here. You can refer to the previous  article Memory Forensics: Using Volatility from here,  […]

AccessData offers FTK Imager, an open-source software that creates accurate copies of the original evidence without making any changes to it. The original evidence image remains the same and enables us to copy data at a much faster rate, which we can soon preserve and analyze further. The FTK imager also provides you with the […]

Cybercriminals and attackers have become so creative in their methods that they have started hiding critical data in the volatile memory of systems. Today, in this article on Memory Forensics with Volatility Framework, we will gain a deeper understanding of live memory acquisition and its forensic analysis. Investigators use live memory acquisition as a crucial […]

In this article, we will be focusing on shellbags and its forensic analysis using shellbag explorer. Shellbags are created to enhance the users’ experience by remembering user preferences while exploring folders, the information stored in shellbags is useful for forensic investigation.To learn more about Cyber Forensics. Follow this Link Table of Contents Introduction Location of shellbags […]

In this article, we will learn how to perform a forensic investigation on a Page File. There is a lot of information that can be extracted from valuable artifacts through a memory dump. Yet, there is more: you can perform memory forensics even without a memory dump that is by virtual memory analysis. There are […]

In this article, we will be using Disk Drive Signature to identify any suspicious changes in systems’ directories or files. Creating such signatures can help us protect our data in various ways. Table of Contents Introduction Creating disk signature Comparing disk signature Introduction A disk drive signature is created to identify the suspicious changes in […]

In this article, we are going to study an important artifact of Windows, i.e. prefetch files. Every time you do anything on your Windows system, a file is created. These files are called Prefetch files. Through this article, we will learn how these are important and why do we need them. Table of Content Introduction […]

In this article, we will utilize the quick incident response tools recorded beneath to gather information. All these tools are a few of the greatest tools available freely online. Through these, you can enhance your Cyber Forensics skills. Table of Content Live Response Collection-Cederpelta Build CDIR(Cyber Defense Institute Incident Response) Collector Fast IR Collector Panorama […]

In the first part of this article, we have seen the Elements of a Digital Crime, Goals of Digital Forensic Investigation, Classification of Digital Forensics, Digital Evidence, Principles of Digital Forensics, Process of Forensic Investigation, Types of Tools, etc. For the First Article on Introduction to Digital Forensics. Follow this Link. Table of Contents Understanding […]