Sample investigative/forensic reports

I have a document that goes into detail what should be included in a Computer Forensics Report. Please provide me your e-mail address and I will send it to you. My e-mail address is computerforensics911@inbox.com

Hi! computerforensics911 I will be very thankful to you if you can send me the document ur talking about.
Thanks

I use the honeynet project as a reference. Their challenges show the examiners report. You get different perspectives on how to write a forensic report.

http//www.honeynet.org/challenge/index.html

Just look under "Results of the challenge" to see users forensic reports. Look at past forensic challenges to see their reports as well.

Another resource I recommend is Incident Response and Computer Forensics by Kevin Mandia (and other contributing authors). This book has a great outline on how to write computer forensic reports.

Greetings,

I used the NIJ case reports as a template and expanded on them. They worked well for organizing my thoughts, and ensuring that I don't put too much information into it. (Ie, there isn't a section labeled "Speculation".

-David

@computerforensics911 Email sent, thanks!

@senordiablo Honeynet challenges aren't exactly what I'm looking for, but I'll check out Incident Response and Computer Forensics.

@kovar Do you have a link to the case reports? I can't find them.

computerforensics911 can you send me that report too

email malinda7@gmail.com

Useful thread.

@computerforensics911 - would you consider making your document publicly available, either for comments or as a suggested framework for others to build upon? A cut down/edited version would be fine if necessary. Please PM if you're interested (same goes for anyone else willing and able to share their reporting methodology).

I'd like to get something like this online in the near future to complement the recommended/suggested hardware section we're working on. Should make a nice baseline for us to tweak and discuss.

Cheers,

Jamie

Greetings,

The National Institute of Justice document entitled "Digital Evidence" can be found here

www.ncjrs.gov/pdffiles1/nij/199408.pdf

It has two example reports that I've used as templates, and it is a good document to read in general.

-David

Thanks kovar!

The documents computerforensics911 was kind enough to share are freely available. Two are GIAC GCFA practicals (Mark Maher and Gerald King) and one is Fundamental Computer Investigation Guide For Windows from Microsoft. I'm learning a lot from the two practicals. Thanks computerforensics911 =)