software Archives - Forensic Focus

Database of Software “Fingerprints” Expands to Include Computer Games

12th May 202013th September 2018

by Richard Press, NIST One of the largest software libraries in the world just grew larger. The National Software Reference Library (NSRL), which archives copies of the world’s most widely installed software titles, has expanded to include computer game software… Read more

Evidence Acquisition Using Accessdata FTK Imager

12th May 20202nd March 2018

by Chirath De Alwis Forensic Toolkit or FTK is a computer forensics software product made by AccessData. This is a Windows based commercial product. For forensic investigations, the same development team has created a free version of the commercial product… Read more

Imm2Virtual: A Windows GUI To Virtualize Directly From Disk Image File

12th May 20206th October 2017

This is a Windows 64 bit GUI for a procedure to virtualize your EWF(E01), DD(Raw), AFF disk image file without converting it, directly with VirtualBox. It is forensically proof.… Read more

The “I’ve Been Hacked” Defence

12th May 202024th October 2016

By: Yuri Gubanov, Oleg Afonin (C) Belkasoft Research, 2016 Abstract This article was inspired by an active discussion in one of the forensic listservs. Original post was asking on how to fight with an argument “This is not me, this… Read more

Development of Digital Forensic Tools on Mobile Device, a Potential Area to Consider?

12th May 202019th October 2014

Case Study: MobileTriage – JPEG Metadata Triage – Automated Extraction of Information using Mobile Forensic Tools Background Mobile devices are now becoming part of our daily lives. These devices can now perform tasks or activities that were normally being processed… Read more

Extracting Evidence from Destroyed Skype Logs and Cleared SQLite Databases

12th May 202026th November 2013

Summary This article describes common approaches used for the recovery of cleared Skype histories and deleted chat logs, and discusses methods and techniques for recovering evidence from cleared and damaged SQLite databases. Introduction It is difficult to underestimate popularity of… Read more

Bitcoin Forensics Part II: The Secret Web Strikes Back

12th May 202014th November 2013

In last week’s post, we talked about Bitcoin, Tor and some of the hidden websites only accessible via Tor, such as Silk Road, which was shut down by the FBI on October 1st. Well, just over a month later and… Read more

Bitcoin Forensics – A Journey into the Dark Web

12th May 20206th November 2013

There has been a lot of buzz around Tor, Bitcoin, and the so-called “dark web” (or “deep web”) since the FBI shut down the underground website “Silk Road” on Oct 1st. As many of you already know, Tor is a… Read more

Detecting Forged (Altered) Images

12th May 202022nd August 2013

Are digital images submitted as court evidence genuine or have the pictures been altered or modified? We developed a range of algorithms performing automated authenticity analysis of JPEG images, and implemented them into a commercially available forensic tool. The tool… Read more

KS – an open source bash script for indexing data

12th May 202023rd April 2013

KS – an open source bash script for indexing data ABSTRACT: This is a keywords searching tool working on the allocated, unallocated data and the slackspace, using an indexer software and a database storage . Often during a computer forensics… Read more

Mobile Phone Forensic Challenges

12th May 202017th May 2012

Introduction A great number of the mobile phones used worldwide every second require special knowledge and skills from forensic experts. More often it is not enough to be an experienced expert in computer forensics to understand all the peculiarities and… Read more