±Partners and Sponsors
New Today: 2
New Yesterday: 7
±Follow Forensic Focus
· Samsung Galaxy Android 4.3 Jelly Bean acquisition using Joint Test Action Group (JTAG)
· Safer Internet Day
· Webmail Forensics – Digging deeper into Browsers and Mobile Applications
· Operation Endeavour: The Tip of the Iceberg?
· Forensic analysis of the ESE database in Internet Explorer 10
· WhatsApp – discovering timestamps of deleted messages
· Man In The Middle Attack: Forensics
· Extracting Evidence from Destroyed Skype Logs and Cleared SQLite Databases
· Windows 8 File History Analysis
ReviewsBack to top Back to main Skip to menu
When this review started at the beginning of August 2012, Internet Evidence Finder (IEF) was a project of Jad Saliba of JADSoftware. At that time the version was 5.41.
The interface was simple, and IEF was an easy to use tool that found a lot of artifacts and displayed them in an easy to follow report.
In the middle of August I was contacted by Adam Belsher of JADSoftware and told there was going to be a few major changes coming to JADSoftware. A week later Saliba announced “JADsoftware has a new identity, including a new company name – Magnet Forensics.” more ...
Just about every individual who is immersed in the Information Technology field has either personally experienced it, or knows someone who has: The hard drive “click of death”. For most, this sound is the start of a downward spiral of doom and depression and eventually a large bill from a data recovery company. For some, however, this is the beginning of a new field of interest in technology. There is only one problem: The field of hard drive data recovery is one that is still shrouded in secrecy and misinformation. How can someone break into an industry where advice is doled out in hushed tones and newcomers are shunned and told to seek professional (read:$$$) help? more ...
You’re probably aware by now that peer-to-peer (P2P) networks are a pretty successful and popular method of distributing data over the internet. It’s easy to see why; the client software that the end user installs can be very small, simple to use, and more often than not works like a charm. It’ll usually download a file from multiple locations ensuring high download speeds, will immediately make the file available for upload to others, will deal with missing chunks of data and dropped connections and when it’s finished downloading every piece of the file it’ll make a contiguous usable file from all the data chunks, all without any centralised management system. Brilliant. Which makes me wonder why P2P appears to be used almost exclusively to distribute contraband material and hardly ever as way to distribute legitimate files. more ...
Here’s two things you can be sure of; hard drives will constantly increase in capacity and the requirement to finish the job as soon as possible at minimum cost will be an ever present. So any device which may result in being able to complete our tasks quicker has got to be worth a closer look. Creating forensic images is the foundation of our work, but let’s face it, is pretty boring and even worse, dependent on where it’s being done, can be actively hostile. Happily, there’ve been some recent developments in the field of imaging, with the all-in-one devices of the Image MASSter Solo 4 Forensic and the Logicube Forensic Dossier being released, and on the software side Tableau’s and Guidance’s latest imaging software have been launched, both taking advantage of multi-core processors to help expedite the imaging process. more ...
A photos-only application can be a very handy part of a digital forensic examiner's “toolkit.” Many cases revolve around recovered images, whether the matter is criminal, civil or domestic. Adroit Photo Forensics from Digital Assembly (Brooklyn, NY, USA) has been created as just such a tool. The current version, 1.003, of Adroit Photo Forensics was released commercially in September 2009. Full disclosure: I was one of the testers of the first few beta versions, but have no financial interest in the company or their products, other than receiving a copy for evaluation purposes. more ...