How To Boot Scan A Microsoft Surface Pro

Hi, I’m Rich Frawley, and I’m the Digital Forensic Specialist with ADF Solutions. Today we’re going to conduct a boot scan of a Microsoft Surface Pro with BitLocker activated.

At this point you have decided on a search profile, or … Read more

Finding And Interpreting Windows Firewall Rules

by Joakim Kävrestad

Determining with whom and in what way a computer has communicated can be important and interesting in several types of examinations. Communications can be an important part of analyzing if and how a computer has been remote Read more

How To Analyze Windows 10 Timeline With Belkasoft Evidence Center

Temporal analysis of events (Timeline) can be beneficial when you want to reconstruct events related to computer incidents, data breaches, or virus attacks taking place on a victim’s computer. 

Historically, digital forensic timeline analysis has been broken down into two Read more

Windows Drive Acquisition

by Oleg Skulkin & Scar de Courcier

Before you can begin analysing evidence from a source, it first of all needs to be imaged. This describes a forensic process in which an exact copy of a drive is made. This … Read more

Windows 10 PE for Digital Forensics

by Robin Brocks, IT Forensic Expert and Incident Responder

Only a few years ago, it was a real pain creating a portable Windows on CD/ DVD or thumb drive, because the Operating System was not prepared to run on those … Read more