ForensicZone

A site for “Computer Crime” Investigators Where we can share our tips, tricks and mistakes…

Tuesday, January 1, 2019

KAI OS Forensics for Money and Profit

The last month I have been forensically analyzing the KAI OS 2.5, formally FireFox OS. We are seeing a bunch of these feature phones in our...

Wednesday, October 16, 2013

Wisconsin Association of Computer Crime Investigators 2013 Conference

"Sup" (...been a long while) PTFinderFE is obsolete do to the new innovations in Volatility. (Updated 10/20/13)My New Volatilit...

Friday, October 12, 2012

WACCI Conference 2012 - Tip and Tricks Notes

Wisconsin Association Computer Crimes Investigator Conference 2012 Tip and Tricks Notes: "Thank you" for all the great input. ...

Tuesday, January 25, 2011

EnScripts (EnPacks) to Carve iPhone SMS Messages

These are tools to find SMS Messages from physical (carve) or logical files, recovered from an iPhone (DOWNLOAD) . This tool is really mean...

Sunday, October 17, 2010

New Win7 Process Enscript (Beta)

I updated my Basic Memory Analysis Enscripts (Version 6) and rolled them out at the 2010 WACCI Conference. The newest addition is an Ensc...

Wednesday, September 1, 2010

The Mystery of ROT (-29)

I know if your reading my blog you've seen ROT13 and know it is used by Microsoft in the UserAssist Registry Key . But now I’ve found ...

Friday, October 16, 2009

Walk-Through: Volatility Batch File Maker and Volatility's VadDump

*********** The First 5 Steps are exactly the same as my last posted regarding Walk-Through: Volatility Batch File Maker and Volatility'...

View web version

Powered by Blogger.