Magnet Forensics – Free Tool: IEF Logical Evidence File Creator for EnCase v7

25th May 202025th October 2013 by swilliams

Magnet Forensics has released the Internet Evidence Finder (IEF) Logical Evidence File Creator for EnCase v7. The IEF Logical Evidence File (LEF) Creator is an EnScript designed to create an LEF from a pre-existing IEF case folder. The goal of this EnScript is to allow an examiner who has run IEF separately from EnCase to later incorporate the findings into EnCase v7. Running this EnScript from EnCase v7 creates an LEF that is automatically added into EnCase.www.youtube.com/embed/UUazzKoJCoY</a>” frameborder=”0″ allowfullscreen>

Download the Tool
If you already use IEF you can download IEF Logical Evidence File (LEF) Creator for EnCase v7 directly from the Magnet Forensics website here.

This is the third EnScript released by Magnet Forensics that allows you to integrate IEF into your EnCase workflow. The first one was released in May 2013 and was designed as a stand-alone EnScript for EnCase v6 & v7. You can read the details here.

The second was a module specifically designed to be installed and used as part of the EnCase v7 “Process Evidence” option. You can read more about that EnScript here.

Using the Tool
Let’s assume I have a case where I have run IEF separately from EnCase and searched for Internet artifacts:

Once IEF is completed, I will be presented with the IEF report viewer screen to review the found artifacts:

Let’s now assume there are some artifacts that IEF found that are relevant and I want to include them in my overall EnCase processing/searching/reporting. I can simply run the EnScript from EnCase v7 and it will ask me to point to the IEF case folder (the folder structure that IEF creates and places all the output files in):

Once I have navigated to and selected an existing IEF case folder, the EnScript will create an LEF in that same folder and then try to add it into the current case.

You can now process/review/search/bookmark any of the artifacts that IEF found when you ran it in a stand-alone mode, but have now incorporated the artifacts into EnCase via a logical evidence file.

As always, I appreciate the feedback, comments or questions.
You can reach me anytime at lance(at)magnetforensics(dot)com

Latest Videos

Forensic Focus

In this Oxycast webinar, Ryan, from the Oxygen Forensic Training team, discusses the evolution and impact of dating apps, with a focus on forensic analysis. Ryan also demonstrates how you can analyze popular dating applications using the Oxygen Forensic Detective software.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_90k-LHOjmcE

Dating Application Analysis

Forensic Focus 61 views 30th May 2023 12:07 pm

In this episode of the Forensic Focus podcast, Desi and Si discuss different online programming courses and what they think about the popular platform, Udemy. They also talk about Flipper, Dev boards, and Raspberry Pi, and delve into the fascinating phenomenon of running the classic game Doom on unlikely devices.

Throughout the episode, Desi and Si share their digital forensics expertise, referencing some of the cases they have been working on and highlighting particular methodologies and technologies that have an impact on cybersecurity.

Show Notes:

100 Days of Code: The Complete Python Pro Bootcamp for 2023 - https://www.udemy.com/course/100-days-of-code/

Domestika - https://www.domestika.org/en

MIT OpenCourseWare - https://www.youtube.com/@mitocw

MasterClass - https://www.masterclass.com/

Raspberry Pi 400 Complete Kit - https://core-electronics.com.au/raspberry-pi-400-kit.html

Flipper Discord - https://discord.com/invite/flipper

Flipper Zero - https://flipperzero.one/

This Programmer Figured Out How to Play Doom on a Pregnancy Test - https://www.popularmechanics.com/science/a33957256/this-programmer-figured-out-how-to-play-doom-on-a-pregnancy-test/

Here’s a dude playing Doom Eternal on his fridge - https://www.polygon.com/2020/10/13/21514933/doom-eternal-refrigerator-door-samsung-smart-refrigerator-xbox-game-pass-richard-mallard

Doom hacker gets Doom running in Doom - https://www.pcgamer.com/doom-hacker-gets-doom-running-in-doom/

Doom Running On A Calculator Powered By Old Potatoes - https://kotaku.com/doom-running-on-a-calculator-powered-by-old-potatoes-1845374069

GoldenEra - https://www.imdb.com/title/tt11753760/

Racing the Beam - https://en.wikipedia.org/wiki/Racing_the_Beam

High Score (TV series) - https://en.wikipedia.org/wiki/High_Score_(TV_series)

Microcontroller Courses (Udemy) - https://www.udemy.com/topic/microcontroller/

The story of Final Fantasy XIV’s renegade do-good modders - https://www.pcgamesn.com/final-fantasy-xiv/ffxiv-modders-renegade-do-gooders

Logical fallacies - https://yourlogicalfallacyis.com/

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_5f72B6DD5wk

Programming Languages, Flipper And Gaming

Forensic Focus 66 views 24th May 2023 11:43 am

In this episode of the Forensic Focus podcast, Si and Desi talk to Mackenzie Jackson, Developer Advocate at Git Guardian.

Mackenzie discusses the problem of hard-coded and leaked credentials in Git repositories, the task of scanning Git repositories for leaked credentials, and how that’s helped by the setup of GitHub and Git.

He also looks at some public and private cases of security breaches through Git repositories and recommends tools you can use to combat attackers on Git.

Show Notes:

Toyota Suffered a Data Breach by Accidentally Exposing A Secret Key Publicly On GitHub (GitGuardian) - https://blog.gitguardian.com/toyota-accidently-exposed-a-secret-key-publicly-on-github-for-five-years/

GitHub.com rotates its exposed private SSH key (Bleeping Computer) - https://www.bleepingcomputer.com/news/security/githubcom-rotates-its-exposed-private-ssh-key/

Conpago - https://www.conpago.com.au/

Source Code as a Vulnerability - A Deep Dive into the Real Security Threats From the Twitch Leak (GitGuardian) - https://blog.gitguardian.com/security-threats-from-the-twitch-leak/

Teenagers Leveraging Insider Threats: Lapsus$ Hacker Group (Forbes) - https://www.forbes.com/sites/emilsayegh/2023/03/15/teenagers-leveraging-insider-threats-lapsus-hacker-group

Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal (BBC) - https://www.bbc.co.uk/news/technology-60864283

Dynamic Secrets (HashiCorp) - https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-dynamic-secrets

Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault (GitGuardian) - https://blog.gitguardian.com/crappy-code-crappy-copilot/

trufflesecurity/trufflehog (GitHub) - https://github.com/trufflesecurity/trufflehog

gitleaks/gitleaks (GitHub) - https://github.com/gitleaks/gitleaks

Git (Wikipedia) - https://en.wikipedia.org/wiki/Git

awslabs/git-secrets (GitHub) - https://github.com/awslabs/git-secrets