Analysis Memo

A place to jot down malware analysis attempts and anything that seems useful for analysis.

4n6 Week 39 – 2023 - FORENSIC ANALYSIS

This entry was generated and posted automatically: it shows the opening of each article featured in This Week in 4n6 (FourAndSix = Forensics) so that the articles worth checking can be skimmed quickly. 4n6 itself can be found here.

FORENSIC ANALYSIS

Alexander Tasse

Blue Team Labs — “Network Analysis — Web Shell” (5 min read, Aug 21). Also by Alexander: Blue Team Labs — “Employee of the Year” (4 min read, Sep 13).

Emi Polito at Amped

Emi Polito September 19, 2023 Hello folks, good to see you back to our series “Learn and solve it with Amped FIVE” that focuses on how to solve common challenges related to video evidence using Amped FIVE. This week we are going to expand on the concept of stabilization and frame integration, and discuss how we need to apply a perspective stabilization and super resolution in order to clarify a planar surface (such as a license plate) when it is changing its angle and/or distance to the camera l...

Angry-Bender’s blog house

A SIEM On the Cheap - Using Sqlite for Data Analysis. September 18, 2023, 2 minute read. On this page: Introduction; Pre-Requisites; Conversion from CSV to SQLite; Opening SQLite; Importing your CSV File; Opening your SQLite File; Performing Analysis. Introduction: When doing investigations, it's quite common to need to read large amounts of data, usually contained in CSV files. While there are many solutions out there for reading these files, the more I have used SIEMs for searching, the more I have found myself...
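As an added example (this is not code from Angry-Bender's post, whose own steps are only visible here as section titles), the following Python script performs the CSV-to-SQLite import and then runs two SIEM-style queries against the result, entirely in memory. The proxy-log CSV, its column names and the queries are constructed for the illustration.

```python
import csv
import io
import sqlite3

# Constructed sample proxy-log CSV (not real data): the kind of export an
# investigator would otherwise open in a spreadsheet or load into a SIEM.
SAMPLE_CSV = """timestamp,src_ip,dst_host,status,bytes
2023-09-18T10:00:01,10.0.0.5,example.com,200,512
2023-09-18T10:00:02,10.0.0.5,example.com,200,498
2023-09-18T10:00:03,10.0.0.7,updates.example.net,304,0
2023-09-18T10:00:04,10.0.0.5,evil.example.org,404,0
2023-09-18T10:00:05,10.0.0.9,example.com,200,2048
2023-09-18T10:00:06,10.0.0.5,evil.example.org,200,8192
"""


def quote_ident(name):
    """Double-quote an SQL identifier so header text taken from an untrusted
    CSV cannot alter the statement (row values go through ? placeholders)."""
    return '"' + name.replace('"', '""') + '"'


def load_csv_into_sqlite(csv_text, table="logs", db_path=":memory:"):
    """Create `table` with one column per CSV header field and bulk-insert
    every data row. Returns the open sqlite3 connection."""
    reader = csv.reader(io.StringIO(csv_text))
    header = next(reader)
    cols = ", ".join(quote_ident(h) for h in header)
    placeholders = ", ".join("?" for _ in header)
    conn = sqlite3.connect(db_path)
    conn.execute("CREATE TABLE %s (%s)" % (quote_ident(table), cols))
    conn.executemany(
        "INSERT INTO %s VALUES (%s)" % (quote_ident(table), placeholders), reader
    )
    conn.commit()
    return conn


def top_talkers(conn, limit=3):
    """Request count and total bytes per source IP, largest first. Columns
    created from a CSV have no declared type, so numeric fields are CAST
    explicitly; without the CAST, SQLite would compare them as text."""
    return conn.execute(
        "SELECT src_ip, COUNT(*) AS requests, "
        "SUM(CAST(bytes AS INTEGER)) AS total_bytes "
        "FROM logs GROUP BY src_ip ORDER BY total_bytes DESC LIMIT ?",
        (limit,),
    ).fetchall()


def hosts_with_errors(conn):
    """Destination hosts that returned an HTTP error (4xx/5xx) at least once."""
    rows = conn.execute(
        "SELECT DISTINCT dst_host FROM logs "
        "WHERE CAST(status AS INTEGER) >= 400 ORDER BY dst_host"
    ).fetchall()
    return [r[0] for r in rows]


if __name__ == "__main__":
    db = load_csv_into_sqlite(SAMPLE_CSV)
    for src, n, total in top_talkers(db):
        print("%s  requests=%d  bytes=%d" % (src, n, total))
    print("error hosts:", hosts_with_errors(db))
```

Pass a file path instead of ":memory:" to keep the database between sessions; the CAST calls matter because a column created from a CSV header has no type affinity, so `status >= 400` would otherwise be a text comparison and match every row.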

Belkasoft

Introduction Apple's iCloud service has long been a go-to platform for users to store their photos, documents, application backups, and more, which has also made it a valuable source of data for criminal and cybersecurity investigations. One big advantage it gives is the possibility to access user data even if the device is not available. At the same time, Apple is continually enhancing the security of iCloud data storage, which often poses challenges for data acquisition. One significant develo...

Brian Maloney

OneDriveExplorer was unable to parse out some of the ODL logs and in other instances the parameters of the logs are a jumbled mess. So I tried Yogesh Khatri's OneDrive to see if it was something OneDriveExplorer was doing wrong. It generated quite a few "Error in read_string()" and "ERROR writing rows: <class '_csv.Error'> need to escape, but no escapechar set" errors and the same jumbled mess appeared in some of the Params_Decoded field. Something seems to be amiss. Finding the issue There has t...

Matt Muir at Cado Security

Doug Metz at Baker Street Forensics

Categories: DFIR, Forensic Imaging, PowerShell, Presentations, RAM. I’m excited to share with you a new script I’ve written, Magnet RESPONSE PowerShell. Magnet RESPONSE is a free tool from Magnet Forensics that makes it easy for investigators as well as non-technical operators to collect triage collections quickly and consistently. Released initially as a GUI tool for law-enforcement investigators, it’s a single executable that requires no installation. The available command line syntax also makes it very fl...

DS4N6

Forensafe

22/09/2023 Friday SIM stands for "Subscriber Identity Module." It is a small, removable card used in mobile phones and other cellular devices to identify and authenticate the user on a mobile network. Each SIM card has a unique ICCID (Integrated Circuit Card Identifier) and IMSI (International Mobile Subscriber Identity). Digital Forensics Value of Android Last SIM Collecting information related to the SIM card, such as ICCID and IMSI, can help in identifying the owner of the mobile device and...
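As an added example, not taken from the Forensafe article, the Python helpers below do the two checks an examiner applies once a Last SIM artifact yields an ICCID and IMSI: validate the ICCID's Luhn check digit and telecom prefix, and split the IMSI into MCC, MNC and MSIN, which is what maps the subscriber to a country and carrier. The sample identifiers are constructed, and the rule used to guess the MNC length is a heuristic (an assumption), not a lookup against a real MCC/MNC table.

```python
# Heuristic assumption for the MNC length: the 3xx MCC block (North America
# and the Caribbean) predominantly uses 3-digit MNCs, most other regions use
# 2 digits. An authoritative split needs an MCC/MNC table.


def luhn_valid(digits):
    """True if the digit string ends in a correct Luhn check digit
    (an ICCID carries one as its final digit)."""
    if not digits.isdigit():
        return False
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def parse_iccid(iccid):
    """Sanity-check an ICCID: all digits, 19 or 20 digits as seen in practice,
    major industry identifier 89 (telecommunications), valid Luhn checksum."""
    iccid = iccid.replace(" ", "")
    return {
        "iccid": iccid,
        "mii": iccid[:2],
        "telecom_mii": iccid[:2] == "89",
        "length_ok": iccid.isdigit() and 19 <= len(iccid) <= 20,
        "checksum_ok": luhn_valid(iccid),
    }


def parse_imsi(imsi, mnc_len=None):
    """Split an IMSI into MCC (3 digits), MNC (2 or 3 digits) and MSIN.
    Pass mnc_len explicitly when the carrier's MNC length is known."""
    if not imsi.isdigit() or not 6 <= len(imsi) <= 15:
        raise ValueError("IMSI must be 6-15 digits: %r" % imsi)
    mcc = imsi[:3]
    if mnc_len is None:
        mnc_len = 3 if mcc.startswith("3") else 2  # heuristic, see top comment
    return {"mcc": mcc, "mnc": imsi[3:3 + mnc_len], "msin": imsi[3 + mnc_len:]}


# Constructed sample identifiers (not from any real SIM).
SAMPLE_ICCID = "8901234567890123455"
SAMPLE_IMSI_US = "310150123456789"
SAMPLE_IMSI_DE = "262011234567890"

if __name__ == "__main__":
    print(parse_iccid(SAMPLE_ICCID))
    print(parse_imsi(SAMPLE_IMSI_US))
    print(parse_imsi(SAMPLE_IMSI_DE))
```

A failed Luhn check on an ICCID recovered from a database usually means a transcription or parsing error rather than a forged card, so it is worth re-checking the raw bytes before reporting the value.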

Forensic Science International: Digital Investigation

Magnet Forensics

In part one of our Portable Case series, we looked at the features and benefits of Portable Case. We highlighted the power of real-time collaboration with multiple stakeholders and having all the feedback collected in one place. How to: Magnet AXIOM Portable Case for Non-Technical Stakeholders Portable Case is a feature available in Magnet AXIOM that allows users to share their findings from an investigation with stakeholders who might not be forensic examiners or have access to a full version o...

With another year gone by, it’s time for another version of iOS to hit the market to coincide with the release of the iPhone 15 series and Apple’s first inclusion of the USB-C port to its iPhone line. While the USB-C port is old-hat for macOS devices and even several years old for iPadOS devices, bringing it to Apple’s mainstream mobile device will certainly bring some changes for forensic professionals. Let’s take a look at both the changes and features of iOS 17 as well as some forensic impact...

Nived Sawant

Packet analysis using Network Miner (Nived Sawant, 5 min read). Cold as Ice: Unit 42 Wireshark Quiz for IcedID. Everyone loves a packet analysis challenge, eh? The internet is an immense universe filled with a wealth of knowledge and resources waiting to be explored. Like a vast library, it holds the answers to countless questions, the keys to various interests, and the solutions to numerous problems. The catch? You need to know where to look. I found a couple of interestin...

Salvation DATA

Technical Tips 2023-09-21. Content Overview: 3 Deletion Methods in SQL Server; 3 Recovery Methods for SQL Server; Case Study; Notes. Overview: During the evidence collection process, investigators often encounter situations where SQL Server records have been deleted. To avoid interruptions during the investigation, it’s essential to use SQL database recovery software to recover the deleted records. This...

Bill Marczak, John Scott-Railton, Daniel Roethlisberger, Bahr Abdul Razzak, Siena Anstis, and Ron Deibert at The Citizen Lab

Apple has just issued an update for Apple products including iPhones, iPads, Mac computers, and Apple Watches. We encourage all users to immediately update their devices. Key Findings Between May and September 2023, former Egyptian MP Ahmed Eltantawy was targeted with Cytrox’s Predator spyware via links sent on SMS and WhatsApp. The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections. In August and September 2023, Eltantawy’s Vodafon...