This is a short article I found that explains the acronyms SIM, IMSI, ICC-ID, ESN and IMEI. SIM, IMSI, ICC-ID, ESN and IMEI…
Monthly Archives: February 2016
The San Bernardino iPhone
Very interesting article about the San Bernardino case published on the SANS Digital Forensics and Incident Response Blog. What is possible in terms of iPhone forensics? Read here: link…
Webcast: iPhone Forensics – Separating the Facts from Fiction
SANS will hold a webcast on February 23, 2016 about iPhone Forensics. Time: Tuesday, February 23, 2016, 16:00 (UTC) Overview: There is much confusion surrounding what is possible and not possible technically when iPhone forensics is discussed. Focusing solely on the technical matters at hand with the industry's top smartphone experts, SANS aims to answer these key questions: What kind of…
Disk analysis with Sleuth Kit tools
The Sleuth Kit provides a few tools to automate the disk analysis process. This article gives a quick overview of which commands can be used to analyze a physical disk image in Linux. fdisk fdisk is a partition table manipulator for Linux. It’s a menu-driven program for creation and manipulation of partition tables. For digital…
Analysis of a Master Boot Record
Have you wondered what’s in physical sector 0? And how you can potentially read a partition table in a HEX viewer? This site gives you a step-by-step guide: link…
Boot process of an operating system
Old but gold. It’s always worth knowing exactly how the boot process of an operating system works. You will find a good explanation here: https://www.cs.rutgers.edu/~pxk/416/notes/02-boot.html…
Acquiring Data with dd, dcfldd, dc3dd
Acquiring Data with dd in Linux dd stands for “data dump” and is available on all UNIX and Linux distributions. dd can create a bit-by-bit copy of a physical drive without mounting the drive first. This RAW image can be read by most of the forensics tools currently on the market. A few shortcomings of the dd…
Example of an MD5 collision
Read a lot about it but have never seen one?! Check out this example provided by X-Ways: http://www.x-ways.net/md5collision.html…
Apple iOS Device Dashboard
If you conduct iPhone or iPad forensics, you might find this dashboard useful. It’s a compilation of a forensics investigator’s notes about various possibilities of iDevice acquisitions. You will find the reference chart here: http://goo.gl/UXt7Od …
The dollar signs of the deep web
Nice infographic about the deep web provided by Norwich University. Link: https://eforensicsmag.com/msisa/…