Join Us!

Windows 8 Touch Keyboard Forensics

Microsoft released Windows 8 in 2012. With this new version, Microsoft made a fundamental shift in Windows 8 as compare to older versions of Windows. It does not only target netbooks, laptops and traditional computers, instead they decided to use … Read more

Countering Anti-Forensic Efforts – Part 1

by Oleg Afonin, Danil Nikolaev & Yuri Gubanov
© Belkasoft Research 2015

Computer forensic techniques allow investigators to collect evidence from various digital devices. Tools and techniques exist allowing discovery of evidence that is difficult to get, including destroyed, locked, … Read more

Linux Timestamps, Oh boy!

Timestamps are critical for analysts; they usually deal with different filesystems and understanding how the file timestamps work on each is crucial to what they do.

If you do an online search for linux timestamps, you’ll get ton of information … Read more

Project Spartan Forensics

by James Gratchoff & Guido Kroon, University of Amsterdam

Project Spartan is the codename of the new Microsoft Edge browser and successor to its previous, Internet Explorer. This research paper gives insight into the current artefacts that the current development … Read more

Forensics and Bitcoin

This article does not attempt to provide a beginners guide to Bitcoin, nor an in-depth thesis on Bitcoin forensics. Rather, it will be an overview of the potential opportunities available to digital forensics and traditional investigators to obtain evidence in … Read more

WhatsApp – discovering timestamps of deleted messages

ABSTRACT:  This is a procedure for locating and parsing deleted messages timestamps in Android WhatsApp database.

I did a little reverse engineering, using the hexadecimal tool of Physical Analyzer (UFED by Cellebrite), of the database of the popular messaging app … Read more