Uncovering Windows Registry Data and the Latest Mac Artifacts

Julie O’Shea: Hi, everyone. Thanks for joining today’s webinar: Uncovering Windows Registry Data and the Latest Mac Artifacts. I’m Julie O’Shea and I’m the Product Marketing Manager here at Cellebrite Enterprise Solutions. Before we get started, there are a few… Read more

Forensic Analysis of ReFS Journaling

Hello, I am Seonho Lee from the Affiliated Institute of ETRI. Today, I talk about the forensic analysis of ReFS Journaling. Before everything, let me just briefly explain the two key topics of the presentation. I’m going to explain what… Read more

How To Boot Scan A Microsoft Surface Pro

Hi, I’m Rich Frawley, and I’m the Digital Forensic Specialist with ADF Solutions. Today we’re going to conduct a boot scan of a Microsoft Surface Pro with BitLocker activated. At this point you have decided on a search profile, or… Read more

Finding And Interpreting Windows Firewall Rules

by Joakim Kävrestad Determining with whom and in what way a computer has communicated can be important and interesting in several types of examinations. Communications can be an important part of analyzing if and how a computer has been remote… Read more

How To Analyze Windows 10 Timeline With Belkasoft Evidence Center

Temporal analysis of events (Timeline) can be beneficial when you want to reconstruct events related to computer incidents, data breaches, or virus attacks taking place on a victim’s computer.  Historically, digital forensic timeline analysis has been broken down into two… Read more

Windows Drive Acquisition

by Oleg Skulkin & Scar de Courcier Before you can begin analysing evidence from a source, it first of all needs to be imaged. This describes a forensic process in which an exact copy of a drive is made. This… Read more

Windows 10 PE for Digital Forensics

by Robin Brocks, IT Forensic Expert and Incident Responder Only a few years ago, it was a real pain creating a portable Windows on CD/ DVD or thumb drive, because the Operating System was not prepared to run on those… Read more