Articles

Digital Forensic Techniques To Investigate Password Managers

by Dr Tristan Jenkinson In part one we discussed the importance that data from password managers can play. In part two, we look at aspects an investigation may include from a digital forensics perspective. How Password Managers Can Be Investigated

How To Digital Forensic Boot Scan A Mac With APFS

by Rich Frawley  In this short 3-minute video, ADF’s digital forensic specialist Rich Frawley shows how to boot a MacBook Air (APFS, non-encrypted) with Digital Evidence Investigator. The ADF digital forensic team is hard at work putting the finishing touches

The Potential Importance Of Information From Password Managers

by Dr Tristan Jenkinson There have recently been a number of articles discussing the use of common passwords and encouraging better password practices. Most guidance includes the recommendation not to use the same password for different accounts. This makes sense

Walkthrough: Quin-C Social Analyzer Widget From AccessData

Hello. This is Sven from the technical team here at AccessData. This video will feature the Social Analyzer widget. So let’s get started. Go to Quin-C and open the grid, just to see how many items we have in our

How To Conduct A Live Forensic Scan Of A Windows Computer

Learn how to conduct a Windows live scan with ADF Solutions Digital Evidence Investigator.  Two USB ports are required to complete a scan, one for the Collection Key and one for the Authentication Key, once the scan has started the Authentication

How To Use The Griffeye Intelligence Database

Beginning with version 19, Griffeye Analyze DI Pro and Core will start using the new Griffeye Intelligence Database, or GID, to replace the legacy intelligence manager. In this video, we’re going to discuss the changes that the GID brings to

Hunting For Attackers’ Tactics And Techniques With Prefetch Files

by Oleg Skulkin Windows Prefetch files were introduced in Windows XP, and since that time they have helped digital forensics analysts and incident responders to find evidence of execution.  These files are stored under %SystemRoot%\Prefetch, and are designed to speed

How To Decrypt BitLocker Volumes With Passware

Decrypting BitLocker volumes or images is challenging due to the various encryption options offered by BitLocker that require different information for decryption. This article explains BitLocker protectors and talks about the best ways to get the data decrypted, even for

How To Use Magnet AXIOM In Mac USB Investigations

Hey everyone, Trey Amick from Magnet Forensics here. Today we’re talking about Mac USB investigations, and what happens when we’ve been alerted that a USB has been inserted into an end point. Different organisations handle USB policies differently. Some have

Can Your Investigation Interpret Emoji?

by Christa Miller, Forensic Focus Emoji are everywhere — including in your evidence. Used across private-messaging apps and email, social media, and even in passwords and account names, emoji are pictographic representations of objects, moods, and words. They’re a convenient

Walkthrough: XRY Photon Manual

XRY Photon is a solution designed for recovering smartphone app data that’s inaccessible through normal extraction techniques. Now the power of XRY Photon has been expanded to cover hundreds of additional apps, with a new manual option. Before using XRY

How To Use Griffeye Brain – Artificial Intelligence

The Griffeye Brain in Analyze DI Pro version 19.2 brings the power of machine learning and artificial intelligence to help you quickly locate and identify child sex abuse material within your investigations. In addition, the Griffeye Brain now has improved

Three Reasons Why Call Detail Records Analysis Is Not “Junk Science”

by Patrick Siewert, Principal Consultant, Pro Digital Forensic Consulting Since introducing our private sector clients to the impact that cellular call detail records (CDR) analysis & mapping can have on their cases, we’ve had a lot of robust discussions with

How To Save Time With XAMN’s Dynamic Artifact Count Feature

At MSAB, we’re always looking to improve our software and make every product more user-friendly, intuitive, and valuable; and to help save you time. We’ve recently improved the way that XAMN displays and counts artifacts. Let’s take a look at

How To Integrate LACE Carver With Griffeye Analyze DI Pro

Let’s talk about the exciting new LACE Carver integration with Analyze DI Pro. Once you have the proper license, you can head over to your Downloads page on MyGriffeye.com and go to the LACE Carver download. Once the app package