Acquiring Data with dd, dcfldd, dc3dd

Acquiring Data with dd in Linux dd stands for “data dump” and is available on all UNIX and Linux distributions. dd can create a bit-by-bit copy of a physical drive without mounting the drive first. This RAW image ca be read by most of the forensics tools currently on the market. A few shortcomings of the dd…

Read More

Logical vs file system vs physical acquistion

The CCL Group has a good definition on their website about the difference between data extraction methods of mobile devices. Ever wondered what the difference is between logical vs file system vs physical vs manual extraction?! Check their article. Link: http://www.cclgroupltd.com/mobile-device-forensics-data-acquisition-types/…

Read More

Webinar: Investigating Sexual Crimes in the Tinder Age

MAGNET forensics put together a webinar published late 2014 about investigating sexual crimes in the tinder age. This webinar is interesting for all those who are wondering what artifacts can be collected from apps like tinder, facebook messages or snapchat. Even though the webinar was recorded in December 2014, it still contains a lot of useful…

Read More