Loading ...
Sorry, an error occurred while loading the content.

Messages List

9712

Re: Updates to File Name Attribute Creation Date

Thanks, Yogesh. I tested a few other tools, and they very well may create a new file as you described. With those other tools, all SIA and FN dates were set
Weg, Jimmy
Apr 15
#9712
 
9711

Re: Updates to File Name Attribute Creation Date

Jimmy It is likely that the file recovery is doing this. When a file is recovered by the tool, it is basically creating a NEW file and putting the rescued data
Yogesh Khatri
Apr 15
#9711
 
9710

Updates to File Name Attribute Creation Date

A file recovery tool supposedly was used to recover deleted files. Users select the location to which recovered files should be directed. In my tests, I
Weg, Jimmy
Apr 15
#9710
 
9709

Re: Cell phone forensics analysis

The ARE (Android Reverse Engineering) distro is useful...some of the tools on it are broke or needed to be tweaked...but still good (I had a version that I was
Robin Jackson
Apr 10
#9709
 
9708

Re: Cell phone forensics analysis

Thank you Sean, great information. On Apr 9, 2015 5:58 AM, "Sean McLinden mclinden@... [win4n6]"
Nora Urcuyo
Apr 9
#9708
 
9707

Re: Cell phone forensics analysis

If you are dealing with Android it is relatively simple. Most of the spyware that I have seen tries to "hide" itself by picking relatively innocuous
Sean McLinden
Apr 9
#9707
 
9706

Cell phone forensics analysis

Does anyone know about spyware on phones? I have paraben to do a forensics analysis but paraben does not parse that data, I know to look in the APK database
nurcuyo1946
Apr 8
#9706
 
9705

OSDFCon CFP

Open Source Digital Forensics Conference - Call For Presentations and Workshops The 6th Annual Open Source Digital Forensics Conference (OSDFCon) will be held
Brian Carrier
Apr 7
#9705
 
9704

DFRWS 2015 - Deadline for Workshop and Presentation proposals - Act

The deadline for Workshop Proposals is in just 8 days, April 15, and the deadline for presentations/posters is in just 10 days, on April 17, 2015. DFRWS USA
Baker, Dave
Apr 7
#9704
 
9703

(no subject)

130. Floor show Jimmy Weg Sent from my Verizon Wireless 4G LTE DROID - So blame the phone for the typos!
Weg, Jimmy
Mar 31
#9703
 
9702

30 Minutes till the start of the Webcast - Reverse Engineering Mac M

Webcast Link: http://dfir.to/3-23-15-WC-T Reverse Engineering Mac Malware presented by Sarah Edwards Monday, March 23 at 7:00 PM EST (23:00:00 UTC) Dynamic
Rob Lee
Mar 23
#9702
 
9701

Re: My presentation on the need for proactive threat hunting is now

If you're considering Cb, why not also consider MS's Sysmon? Using that, and syslog to shuttle the records off of the system to a central location, would be
keydet89
Mar 23
#9701
 
9700

Re: My presentation on the need for proactive threat hunting is now

A tool that I've used to great success is Kansa by David Hull.
James
Mar 22
#9700
 
9699

Re: My presentation on the need for proactive threat hunting is now

Agreed, Harlan. We have done much the same with Python and powershell scripts, but now use Splunk's universal forwarder to execute these collections of
Irrational Pi
Mar 21
#9699
 
9698

Re: My presentation on the need for proactive threat hunting is now

Years ago...prior to 2002...I did proactive hunting within the organization where I worked. I started with a Perl script that would reach out into the domain
keydet89
Mar 21
#9698
 
View First Topic Go to View Last Topic
Loading 1 - 15 of total 9,712 messages