Forensics: Importing Hashsets into EnCase (Part 2)

Part 2, of the series. Part 1, of how to import hashes into EnCase is available here.

Forensics: Importing Hashsets into EnCase (Part 1)

Forensics: Importing Hashsets into EnCase (Part 1)

Forensics: FTK Tips

Access Data latest tips for FTK, on YouTube.

Forensics: FTK 3.0 Analysis of an Apple Mac

Below is a video from Access Data, showing the analysis of an Apple Mac with  FTK 3.0

Forensics: FTK 3 – Tips and Tricks Videos

Below is a video from Acess Data, showing some tips and tricks for FTK 3.0

Forensics: Tracing a Hotmail

An email sent via Hotmail automatically traps the IP address of the sending computer.This allows emails sent via HotMail to be traced far more easily, than other email systems.

E.g the IP address in AOL email relates to the AOL server (often based in the US) so does not provide any immediately useful information.

The video below shows how to find the IP address in the Hotmail and how to trace this to a geographic location

Forensics: Dates and the $Standard_Information Attribute

Below is a video showing the $Standard_Information Attribute within the MFT

Follow

Get every new post delivered to your Inbox.

Join 29 other followers