Alex Caithness, Principal Analyst from CCL Group Ltd. published a new blog post about a new feature in Windows 10 called “Timeline”…
Category Archives: Knowledgebase
APFS Encryption FAQ by Blackbag
Blackbag answers a few common questions about APFS encryption on their blog. Read their article here…
Windows 10 Time Rules
Very interesting article about Windows 10 Timestamps at cyberforensicator.com…
Torrent: utorrent artifacts
Some very useful information about utorrent artifacts collected by Robert Pearson => link…
New OSINT resource
Bellingcat.com published a new document about useful OSINT resources for online investigations. It’s a Google Doc which is openly available to the public as a guide. You can find the document here…
Manually check current time zone
Good explanations of how to manually check time zone settings can be found here: http://www.digital-detective.net/manual-identification-of-suspect-computer-time-zone-2/ http://forensium.com/Web_log/13_Calculate_time_zone_bias…
OSINT link collection
Over time I’ve collected many useful links and small HOWTOs which I use during my OSINT investigations. They range from very basic search techniques to more advanced social media data collection procedures. I will try to keep the below list up to date but as always I do not take any responsibility for any broken…
Windows 10 Forensics: OS Artifacts
Found a good presentation created by Brent Muir about Windows 10 Forensics artifacts. Another good resource is this PDF published by Champlain College…
OSINT: Domains
There is much more to domain name investigations than just performing some Whois queries. Below are a few links for your online searches of domain names and IP addresses. Online Port Scanner ViewDNS gives you a list of open ports on a particular domain. ViewDNS Reverse IP (viewdns.info/reverseip) Domain IP History You can also…
OSINT: Image & Video Analysis
Thanks to all the fancy gadgets, image and video files are spread all over the internet. In this post I will describe which search techniques are particularly suited to multimedia content. Reverse Image Searches A good start is always an image search using one of the big two. But there are also a few…