Streamlining the FTK Workflow With Portable Cases

Want to cut down on your backlog and your work by making someone else do the basic review? Well, you’re in luck, because this week we’re talking about Portable Case in FTK Feature Focus. Welcome back to FTK Feature Focus.

Evidence Acquisition Using Accessdata FTK Imager

by Chirath De Alwis Forensic Toolkit or FTK is a computer forensics software product made by AccessData. This is a Windows based commercial product. For forensic investigations, the same development team has created a free version of the commercial product

Bruteforcing Linux Full Disk Encryption (LUKS) With Hashcat

by Patrick Bell This walk-through will show you how to Bruteforce LUK volumes using hashcat, how you can mount a LUK partition, and how we can image it once it’s decrypted. Scenario: You’ve got a Macbook in. MacOS has been

The Importance of Memory Search and Analysis

First published October 2009 by Access Data www.accessdata.com Introduction Historically, criminal or corporate investigations involving computer equipment began by immediately disconnecting any compromised machines from the network, powering them down, and securing them in a proper environment where they would