Hacking Exposed Computer Forensics Blog

Hello Reader, Yesterday we reviewed the timestomp tool and showed how simple MFT analysis can defeat it. Today we are going to...

Daily Blog #130: Detecting Fraud Sunday Funday 10/27/13 Part 3 - SetMace

Reviewed by David Cowen on October 31, 2013 Rating: 5

fraud howto timestamps timestomp

Daily Blog #129: Detecting Fraud Sunday Funday 10/27/13 Part 2 - Timestamp changes

David Cowen October 30, 2013

Hello Reader, Yesterday we went through detecting system clock changes on Windows 7, today we are going to talk about timest...

Daily Blog #129: Detecting Fraud Sunday Funday 10/27/13 Part 2 - Timestamp changes

Reviewed by David Cowen on October 30, 2013 Rating: 5

fraud howto timestamps

Daily Blog #128: Detecting Fraud Sunday Funday 10/27/13 Part 1 - Time Changes

David Cowen October 29, 2013

Hello Reader, Let's talk about system clock changes which is one of the areas not covered by this weeks Sunday Funday winni...

Daily Blog #128: Detecting Fraud Sunday Funday 10/27/13 Part 1 - Time Changes

Reviewed by David Cowen on October 29, 2013 Rating: 5

contest

Daily Blog #127: Sunday Funday 10/27/13 Winner!

David Cowen October 28, 2013

Hello Reader, Another Sunday Funday behind us and a another challenger who came with a great writeup full of testin...

Daily Blog #127: Sunday Funday 10/27/13 Winner!

Reviewed by David Cowen on October 28, 2013 Rating: 5

contest

Daily Blog #126: Sunday Funday 10/27/13

David Cowen October 26, 2013

Hello Reader, It's Sunday Funday time again!Let's switch up these contests to something a little more internal investiga...

Daily Blog #126: Sunday Funday 10/27/13 Reviewed by David Cowen on October 26, 2013 Rating: 5

Saturday reading

Daily Blog #125: Saturday Reading 10/26/13

David Cowen October 26, 2013

Hello Reader, It's Saturday! Time to rock out with your dongle out as we get down to some forensic goodness. 1. We had the th...

Daily Blog #125: Saturday Reading 10/26/13 Reviewed by David Cowen on October 26, 2013 Rating: 5

forensic lunch

Daily Blog #124: Forensic Lunch 10/25/13

David Cowen October 25, 2013

Hello Reader, We had another great forensic lunch today, this time we finished out the IR roundtable series with James Lohm...

Daily Blog #124: Forensic Lunch 10/25/13 Reviewed by David Cowen on October 25, 2013 Rating: 5

Daily Blog #123: Svchost Persistance Question Answered

David Cowen October 24, 2013

Hello Reader, After getting our stock XP VM license up and activated I did some testing today with the svchost key found here:...

Daily Blog #123: Svchost Persistance Question Answered Reviewed by David Cowen on October 24, 2013 Rating: 5

Daily Blog #122: Question regarding Persistence via Svchost

David Cowen October 23, 2013

Hello Reader, Harlan Carvey had a question from this weeks answer: "I have a question about the description of the Sv...

Daily Blog #122: Question regarding Persistence via Svchost Reviewed by David Cowen on October 23, 2013 Rating: 5

contest persistence

Daily Blog #121: Sunday Funday 10/20/13 Winner!

David Cowen October 22, 2013

Hello Reader, It was very much worth extending the contest for another day, I received several good submissions this time and t...

Daily Blog #121: Sunday Funday 10/20/13 Winner! Reviewed by David Cowen on October 22, 2013 Rating: 5

Daily Blog #120: Sunday Funday 10/20/13... Winner?

David Cowen October 21, 2013

Hello Reader, This Sunday Funday saw ... no submissions. Here was the challenge: The Challenge: List and explain all of the...

Daily Blog #120: Sunday Funday 10/20/13... Winner? Reviewed by David Cowen on October 21, 2013 Rating: 5

contest

Daily Blog #119: Sunday Funday 10/20/13

David Cowen October 20, 2013

Hello Reader, It's Sunday Funday time again! Last week you worked against a Linux challenge that proved to be quite difficul...

Daily Blog #119: Sunday Funday 10/20/13 Reviewed by David Cowen on October 20, 2013 Rating: 5

Saturday reading

Daily Blog #118 Saturday Reading 10/19/13

David Cowen October 19, 2013

Hello Reader, It's Saturday and time for another set of links to to make you think. I am actually writing this on Friday this w...

Daily Blog #118 Saturday Reading 10/19/13 Reviewed by David Cowen on October 19, 2013 Rating: 5

forensic lunch

Daily Blog #117: Forensic Lunch 10/18/13

David Cowen October 18, 2013

Hello Reader, Pretty hectic travel schedule this week with my little ones so no real time to organize a proper forensic lunch. Instead ...

Daily Blog #117: Forensic Lunch 10/18/13 Reviewed by David Cowen on October 18, 2013 Rating: 5

Top Ad unit 728 × 90

Latest News

Daily Blog #130: Detecting Fraud Sunday Funday 10/27/13 Part 3 - SetMace

Daily Blog #129: Detecting Fraud Sunday Funday 10/27/13 Part 2 - Timestamp changes

Daily Blog #128: Detecting Fraud Sunday Funday 10/27/13 Part 1 - Time Changes

Daily Blog #127: Sunday Funday 10/27/13 Winner!

Daily Blog #126: Sunday Funday 10/27/13

Daily Blog #125: Saturday Reading 10/26/13

Daily Blog #124: Forensic Lunch 10/25/13

Daily Blog #123: Svchost Persistance Question Answered

Daily Blog #122: Question regarding Persistence via Svchost

Daily Blog #121: Sunday Funday 10/20/13 Winner!

Daily Blog #120: Sunday Funday 10/20/13... Winner?

Daily Blog #119: Sunday Funday 10/20/13

Daily Blog #118 Saturday Reading 10/19/13

Daily Blog #117: Forensic Lunch 10/18/13

KPMG Advisory

Popular Posts

Blog Archive

Random Posts

Recent Posts

Contact Form

Top Ad unit 728 × 90

Latest News

Social Counter

KPMG Advisory

Popular Posts

Blog Archive

Random Posts

Recent Posts

Contact Form