±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 1 Overall: 34611
New Yesterday: 6 Visitors: 250

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Reviews

Reviews

2018


2018

Executing Windows Command Line Investigations

by Chet Hosmer, Joshua Bartolomie and Rosanne Pelli

Reviewed by Scar de Courcier, Forensic Focus


Ensuring the integrity of evidence is one of the most important parts of the digital forensic investigation process, and yet according to some reports it is one of the most frequently overlooked in courses on the subject.

The title of Hosmer, Bartolomie & Pelli's book is Executing Windows Command Line Investigations While Ensuring Evidentiary Integrity, and as far as I can tell it is the only book that gives a step-by-step guide to the Windows command line for DFIR practitioners.   more ...

2018

Data Pilot 10 From Susteen

Susteen’s Data Pilot 10 aims to make it easier for digital forensic examiners to acquire evidence from mobile devices in the field and analyse it back in the lab. In this review we will take a look at some of the Data Pilot’s key features and how it functions in a field environment.   more ...

2018

Enterprise 6.5.1 From AccessData

by Jade James

AccessData are well known throughout the digital forensics world for products such as FTK, AD Triage and FTK Imager. Their forensic investigation software tools help law enforcement officials, corporate security, and IT professionals access and evaluate the evidentiary value of files, folders, and computers.

AD Enterprise 6.5.1 allows you to process large volumes of data quickly, remotely and covertly whilst maintaining the chain of custody. It is available as a virtual license or on a physical dongle and can be installed on Windows 7, Windows 10, Windows Server 2012 and Windows Server 2016.   more ...

2018

BlackLight From BlackBag

by Scar de Courcier

In recent months there have been several new and exciting developments to BlackBag’s BlackLight solution. BlackLight helps investigators to analyse computer volumes and mobile devices; it can acquire Android and iPhone devices and runs on Mac or Windows. We took a look at some of the latest changes and how they work.


User Interface

The new interface is the first major change. BlackBag had received a number of requests for filtering across multiple volumes at one time. Although it was always possible to search across these, filtering was not an option until recently. Now when you add each volume, it is automatically assigned a number in the order in which the data is ingested. You can then sort using one of the built-in filters, and see where the data you’re looking for can be found in each volume.   more ...

2018

Analyze DI Pro From Griffeye

by Scar de Courcier, Forensic Focus

Griffeye Analyze sprung from a need for better triage and decreased investigator stress in child exploitation investigations. Specialising in visual media, the idea is to increase workflow whilst decreasing the level of exposure for analysts.   more ...