Daily Blog #41: Saturday Reading 8/3/13

Hello Reader,           It’s Saturday and after a long week of working, heck you might be in the office working right now, its time to let the disks image, the indexes run and the hashes hash while you sip some coffee and do some forensic reading. 1. If you haven’t watched/listen to it already we had a […]

Daily Blog #40: Web 2.0 Forensic Part 5

Hello Reader,                    In the past posts in this series we’ve focused on what you can recover from web 2.0 sites, how data sits on the disk and how data is transmitted across the network. In this post we talk about what these messages fields mean and how to build a quick […]

Forensic Lunch 8/2/13

Hi there Reader,           Just a reminder that in an hour we will be doing a Forensic Lunch broadcast. To watch live and ask questions go here: I’ll update the event to a link to the broadcast. If you can’t make it, don’t worry! I’ll have a recording up after the event ends on our Youtube channel here: Hope to see […]

Daily Blog #39: Web 2.0 Forensic Part 4

Hello Reader,      I finally got fiddler installed, its windows only and available here, and it is much improved over the last time I used it! It even has a ajax and xml decoder built in now which is a pretty huge improvement. In this post we are going to focus on what network data is actually being transmitted […]

Daily Blog #38: Web 2.0 Forensics Part 3

Hello Reader,        This post is a bit late in the day but that happens sometimes when you are onsite and can’t sneak away for some blog writing. In the last two posts we’ve discussed where to find JSON/AJAX fragments and how Gmail stores message data within them. Today we will discuss how these artifacts are created and […]

Daily Blog #37: Web 2.0 Forensics Part 2

Hello Reader,             Sunday Funday is always fun for me for two reasons. One it gets me two blog posts out of one so I get more time to get work done and two I like getting a general feeling of what level of understanding exists on certain artifacts. So while you get a prize, that […]

Daily Blog #36: Sunday Funday 7/28/13 Winner!

Hello Reader,                 This Sunday Funday I thought was easier than the last and we had several submissions both post on the blog and submitted anonymously but only one was done before the deadline of Midnight PST. o congratulations go out to Jonathan Turner who while not having the most complete answer of […]

Daily Blog #35: Sunday Funday 7/28/13

Hello Reader,           It’s that time again, Sunday Funday time! For those not familiar every Sunday I throw down the forensic gauntlet by asking a tough question. To the winner go the accolades of their peers and prizes hopefully worth the time they put into their answer. This week we have quite the prize from our friends […]

Daily Blog #34: Saturday Reading 7/26/13

Hello Reader,        It’s Saturday, time to put on a long movie for the little ones while you fire up the web browser to prepare for another week of deep dives into forensic images. This week we have links to deep reads on a wide range of topics so I hope you’ll stay informed as we all move […]

Daily Blog #33: Web 2.0 Forensics Part 1

Hello Reader,                 I’ve finished two series, I’ve never even finished one in the last 5 years so I think this daily blog experiment is working. Thanks to all of you that are following along, I know it can be hard to keep up daily and for those that do (I compulsively watch pageviews) […]

Blog Post #32: Go Bag part 7 end of series

Guten tag Reader,          It’s time to wrap up this series and move onto to other topics. I hope you’ve found these scenarios and how I deal with them from my light go bag helpful. Hopefully I can help you lighten your load when you are out in the field, it really is a more pleasant experience. […]

Daily Blog #31: Go Bag Part 6

Hello Reader,                     Have I mentioned how good Civ 5 brave new world is? It’s really good, and the reason I’m writing this blog post this morning instead of last night again. Tip, playing Venice is hard on king. I realized I missed a couple scenarios we should go over so I’m […]

Daily Blog #30: Go Bag Part 5

Hello Reader,             Another day another blog, I should have started this one last night but Civilization 5’s Brave New World expansion is out, and it’s really good. I am going to try to finish the Go Bag series before moving on to ‘web 2.0 forensics’ and dealing with JSON fragments. In other news I’m reaching […]

Daily Blog #29: 7/21/13 Sunday Funday Winner!

Hello Reader,         I think I may have been a bit to harsh in the last contest, I’ll work to make these either more doable in a couple hours or span them out over more days in the future. For those who were hesitant to enter you should know the winner was the only person who submitted an […]

G-C Partners