evidence acquisition Archives

Devon & Cornwall Police’s Steve Slater on Implementing RASSO Changes in Digital Forensics Units

24th October 2022

Christa: Welcome back to the Forensic Focus Podcast. I’m Christa Miller here with my co-host, Si Biles, and this week we’re with Steve Slater, Head of Digital Forensics at Devon and Cornwall Police in the United Kingdom to talk about… Read more

I Can Login Without Your Password: Data Acquisition From Web-Based Server Using Credential Attack

1st March 2022

A diagram of a six-step user credential attack

Hi, I’m Jaehyeok Han from South Korea. I’m going to talk about data acquisition from web based service, without password, and I used credential attack. Before presentation, I’d like to appreciate this opportunity to show our study, following contents I’ve… Read more

ICDF2C 2018 – Recap

19th May 20209th October 2018

This article is a recap of some of the main highlights from the ICDF2C conference 2018, which took place in New Orleans, LA, USA from the 10th-12th September. The program began on Monday 10th September with the usual welcome registration.… Read more

Walkthrough: Oxygen Forensic Detective Latest Features

14th May 20205th October 2018

Within Oxygen, you’re able to not only connect one device, but several devices, and image them simultaneously. Oxygen’s extractor runs independently of Oxygen Detective, and that’s what allows you to run several different extractions at the same time, and there… Read more

Word Forensic Analysis And Compound File Binary Format

12th May 202018th September 2018

by Arman Gungor Microsoft Word forensic analysis is something digital forensic investigators do quite often for document authentication. Because of the great popularity of Microsoft Office, many important business documents such as contracts and memoranda are created using Word. When… Read more

SSD and eMMC Forensics 2016 – Part 2

12th May 20204th May 2016

What Has Changed in 2016 in the Way SSD Drives Self-Destruct Evidence. Demystifying eMMC, M.2, NVMe, and PCI-E. by Yuri Gubanov, Oleg Afonin © Belkasoft Research 2016 In the first part of this article, we reviewed different kinds of the… Read more

SSD and eMMC Forensics 2016

12th May 202020th April 2016

What Has Changed in 2016 in the Way SSD Drives Self-Destruct Evidence. Demystifying eMMC, M.2, NVMe, and PCI-E. by Yuri Gubanov, Oleg Afonin © Belkasoft Research 2016 This publication continues the series started with an article on SSD forensics we… Read more

The Future of Mobile Forensics: November 2015 Follow-Up

12th May 20204th November 2015

by Oleg Afonin, Danil Nikolaev, Yuri Gubanov Mobile forensics is a moving target. In our recent article, “The Future of Mobile Forensics”, we described acquisition techniques that used to be state-of-the art back then. Weeks later, some things had changed… Read more

Acquiring Windows PCs

12th May 202026th May 2015

by Oleg Afonin, Danil Nikolaev and Yuri Gubanov In our previous article, we talked about acquiring tablets running Windows 8 and 8.1. In this publication, we will talk about the acquisition of Windows computers – desktops and laptops. This class… Read more

Bitcoin Forensics Part II: The Secret Web Strikes Back

12th May 202014th November 2013

In last week’s post, we talked about Bitcoin, Tor and some of the hidden websites only accessible via Tor, such as Silk Road, which was shut down by the FBI on October 1st. Well, just over a month later and… Read more

Bitcoin Forensics – A Journey into the Dark Web

12th May 20206th November 2013

There has been a lot of buzz around Tor, Bitcoin, and the so-called “dark web” (or “deep web”) since the FBI shut down the underground website “Silk Road” on Oct 1st. As many of you already know, Tor is a… Read more

Analysis Of iOS Notes App

12th May 20202nd November 2013

As part of my third year studying Digital Security,Forensics & Ethical Hacking at GCU, I took part in a group research project to study the artifacts created when using the notes app on an iPad Mini, and if they could… Read more

Forensic Imaging of Hard Disk Drives- What we thought we knew

12th May 202027th January 2012

By Todd G. Shipley and Bryan Door (A complete copy of this white paper and its figures and diagrams can be found at www.nfdrtc.net). WHAT WE HAVE BEEN TAUGHT Imaging of hard drives has been the main stay of the… Read more

Digital Forensics and ‘self-tracking’

12th May 202020th July 2011

by Dr Chris Hargreaves, lecturer at the Centre for Forensic Computing at Cranfield University in Shrivenham, UK This month’s article is based very loosely around a recent 5-minute talk from Gary Wolf (link here) which explores the concept of ‘self-tracking’… Read more

Flash drives and acquisition

12th May 202019th July 2011

First published June 2010 by Dominik Weber, Senior Software Architect for Guidance Software, Inc. “Take a look at this”. It started simply with that.A co-worker was looking into some strange issue with an acquisition of a flash drive. It seemed… Read more