±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 36212
New Yesterday: 0 Visitors: 107

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Search found 117 matches

Re: Recover server deleted logs using FTK

Post Posted: Jul 01, 19 10:22

First, you have to learn how to do digital forensics.

Then, take your image of the server and retry.
redcat
Topic: Recover server deleted logs using FTK
Replies: 2
Views: 2200
 

Re: FTK Image Properties

Post Posted: Jul 01, 19 10:20

Just mount the AD1 in FTK Imager as you have done and then image the contents uncompressed to another AD1 or whatever container you prefer to use. Then the size is the size.

But I agree, this is a ...
redcat
Topic: FTK Image Properties
Replies: 4
Views: 1996
 

Re: Oxygen Forensics , XRY or Cellebrite - Which one is bet

Post Posted: May 27, 19 19:56

Cellebrite is easier to work with, seems to support more devices, and has better reporting capabilities. If I had to choose a single mobile forensic tool it would always be Cellebrite. That said, the ...
redcat
Topic: Oxygen Forensics , XRY or Cellebrite - Which one is better?
Replies: 11
Views: 11555
 

Re: How best to deal with paranoid/delusional clients

Post Posted: Apr 23, 19 09:37

Interesting topic. I have encountered this on several occasions over the years; like you, mental health issues are usually suspected. Similarly, I don't really know how to broach this, as it's a diffi ...
redcat
Topic: How best to deal with paranoid/delusional clients
Replies: 5
Views: 1671
 

Re: A question about operating systems

Post Posted: Jan 08, 19 18:58

A competent forensic investigator should be comfortable using all major versions of Windows, Linux, and MacOS and will use whichever is most appropriate for whatever they are investigating.
redcat
Topic: A question about operating systems
Replies: 5
Views: 2324
 

Windows 8.1 x64 Process ID behaviour

Post Posted: Oct 18, 18 12:28

Does anybody out there know off the top of their heads how Windows 8.1 (or 10) behaves in terms of allocating and then releasing and/or reissuing PIDs please? Specifically if process A gets PID 1234 t ...
redcat
Topic: Windows 8.1 x64 Process ID behaviour
Replies: 1
Views: 991
 

Re: Office 365 forensic

Post Posted: Aug 10, 18 17:02

My former colleague Adam Harrison has published some decent research into this very area:

https://blog.1234n6.com/2018/07/investigating-office365-account_12.html
redcat
Topic: Office 365 forensic
Replies: 5
Views: 2892
 
Page 1 of 17
Page 1, 2, 3 ... 15, 16, 17  Next