forensics Archives - Page 3 of 3

Linux Timestamps, Oh boy!

12th May 202025th August 2015

Timestamps are critical for analysts; they usually deal with different filesystems and understanding how the file timestamps work on each is crucial to what they do. If you do an online search for linux timestamps, you’ll get ton of information… Read more

Project Spartan Forensics

12th May 202027th July 2015

by James Gratchoff & Guido Kroon, University of Amsterdam Project Spartan is the codename of the new Microsoft Edge browser and successor to its previous, Internet Explorer. This research paper gives insight into the current artefacts that the current development… Read more

Forensics and Bitcoin

12th May 202016th January 2015

This article does not attempt to provide a beginners guide to Bitcoin, nor an in-depth thesis on Bitcoin forensics. Rather, it will be an overview of the potential opportunities available to digital forensics and traditional investigators to obtain evidence in… Read more

Webmail Forensics – Digging deeper into Browsers and Mobile Applications

12th May 20201st February 2014

Almost everyone who uses the Internet has a web-based email account. Many people have two or more, so the likelihood of a forensic investigator coming across a case involving webmail communication is very high. While law enforcement examiners can ask… Read more

WhatsApp – discovering timestamps of deleted messages

12th May 20205th December 2013

ABSTRACT: This is a procedure for locating and parsing deleted messages timestamps in Android WhatsApp database. I did a little reverse engineering, using the hexadecimal tool of Physical Analyzer (UFED by Cellebrite), of the database of the popular messaging app… Read more