Top Ad unit 728 × 90

Latest News


Daily Blog #83: Saturday Reading 9/14/13

Hello Reader,
        It's Saturday and I have my collection of links from the week ready to read.

1. We had another Forensic Lunch yesterday, with Joachim Metz, Kyle Maxwell and some of us in the G-C lab. You can watch it with the new Google+ Q&A feature here!

2. Corey Harrell has a new blog post up,, talking about tools that can be used to grab locked files from live systems. Having new tools in your toolbox is always important and this post does a good survey of these.

3. If you are doing Windows 8 forensics you should read this blog post over at Digital Forensic Stream,, talking about how to recover searches made in the Windows 8 search charm. With the search charm being one the central ways of finding documents/app and executing programs in Windows 8 this is very important.

4. Linux Sleuthing updated their SQLite forensics article on recovering deleted records,, with the prevalence of SQLite continuing to grow I use tools that recover deleted records on a regular basis. Check this out for a linux based FOSS approach.

5. If you've heard me talk before you know I always talk about differing perspectives in the DFIR spectrum but our unified reliance on the same artifacts. Harlan has a good post up on perspectives, and you should give it a read.

Short week on links but what I do have for you is the forensic image for tomorrows Sunday Funday!
Download it here!

Get ready for a full forensic challenge with the questions to answer to be put up tonight!
Daily Blog #83: Saturday Reading 9/14/13 Reviewed by David Cowen on September 14, 2013 Rating: 5

No comments:

All Rights Reserved by Hacking Exposed Computer Forensics Blog © 2014 - 2020
Powered By Blogger, Designed by Sweetheme

Contact Form


Email *

Message *

Powered by Blogger.