"Computação Forense"
Technology and Computer Forensics - Computer Forensics
Curated by João Carvalho
Scooped by João Carvalho

Week 24 – 2018 –

I'm back! Thankfully was able to get the post done today before jetlag set in. I'll probably do a recap of the trip this week if I get a chance to jot down some thoughts. Overall it was fantastic and I had a great time, but it's good to get home; 4 weeks away is…

Parsing APFS with Axiom before the thing from Lost eats you – The Swanepoel Method


Getting started in Digital Forensics

A lot of people have asked how to get started with digital forensics. It’s great that so many people from so many different places are interested. There are many different paths available. To try to help aspiring digital forensic scientists, I put together the following recommendations for a good theoretical and practical background.

Memory Forensics & Tor

Memory forensics is a powerful tool. All executed code and data passes through RAM which makes it perfect for hunting malware. Most discussion on memory forensics is focused (rightly) on malware analysis, and the benefits of memory forensics for non-malware scenarios have been less publicised. Often, a lack of understanding

Forensic disk acquisition over the network –

On some occasions you need to acquire an image of a computer using a boot disk and network connectivity. Usually this is done with a Linux boot disk on the machine under analysis and another computer used as the imaging collection platform, connected via a network hub or through a crossover cable. The reasons this…

MBR vs. GPT Guide: What's The Difference and Which One Is Better

MBR or GPT: which one is better, and what are their exact differences? In this post, we will explain these two aspects in detail.
Skylly_W's comment, April 10, 3:06 AM
Thank you very much @João Carvalho

How to Create a Free Forensic Windows Based OS for Free for Forensic Imaging, First Responders and Triage

This is a brief guide for people with an IT background, students, forensic practitioners and first responders on two ways to create a Windows-based forensic OS, for free, for imaging and (less commonly) triage. CONTACT expert@compute-forensics.com for onsite imaging and first responder training.

Parsing the .DS_Store file format

About two years ago I came across a .DS_Store file and wanted to extract its information (e.g. file names). After researching the file format and its security implications, as well as writing a parser for it, I would like to share my (limited) knowledge and the parser in

Computer Forensics Tools for Hackers and Security Professionals

Computer forensics tools are often used in the security industry to test for vulnerabilities in networks and applications by collecting evidence of indicators of compromise and taking mitigation steps.

Top Ten Free Computer Forensic/eDiscovery Software - 2018

2018's top ten free computer forensic and eDiscovery software picks: selected tools for data collection, indexing, search and analysis. The chosen software can aid triage for incident response teams, provide indexing and search functions for examiners, and parse specific records. Please visit Compute Forensic LTD's website!

VMXRay - Explore VM images in your browser!

Mount and explore VM image files right within your browser. Look inside your VMDK, VDI, VHD, QCOW2 files, preview text and images, extract selected files to your desktop.

Using Bulk Extractor Viewer to Find Potentially Sensitive Information on a Disk Image - BitCurator


Forensic logical acquisition of Android devices using adb backup –

In digital forensics, the term logical extraction is typically used to refer to extractions that do not recover deleted data, or do not include a full bit-by-bit copy of the evidence, analogously to copying and pasting a folder in order to extract data from a system. So, this process will only copy files that the…

Bit-by-bit cloning of a disk with #Guymager and #DD on #Linux - Follow The White Rabbit


RDP logs and incident response - Koen Van Impe - vanimpe.eu

What is RDP? Remote Desktop Protocol (RDP) is designed by Microsoft for remote management of Windows-based virtual desktops. It provides users a graphical

Ransomware Incident Response and Forensics – Forensic Labs –

Generally it’s a good idea to switch off or hibernate the infected system, in case you are lucky enough it hasn’t finished encrypting files on disk. If it’s a Virtual Machine, take a snapshot. If you…

AXIOM V2: MEMORY FORENSICS | Digital Forensics | Computer Forensics | Blog


Creating a digital forensic laboratory: Tips and Tricks | Digital Forensics | Computer Forensics | Blog


Ask The Expert: APFS Encryption

Here are our top five frequently asked questions about APFS encryption answered by Dr. Joe Sylve, one of our BlackBag forensic experts.

Gmail Forensic Preservation and Overlapping Labels

Gmail forensic preservation article on capturing Gmail labels and minimizing data duplication by acquiring mailboxes via Gmail REST API and Google Takeout.

Starting a New Digital Forensic Investigation Case in Autopsy 4 - YouTube


MetaDiver –

Finding metadata from popular document formats, image formats, audio and video formats can be a tedious task. MetaDiver simplifies the extraction and review of meta-data. If you have ever looked at…

How to extract a RAM dump from a running VirtualBox machine –

In order to analyze it with Volatility. Usually I use a VirtualBox sandbox in order to ‘detonate’ some malware and analyze its behavior. In this phase, the analysis of the sandbox’s RAM with Volatility is a mandatory step. But how can I extract a dump of volatile memory from the VM? The process is…

Four tools for File Carving in forensic analysis –

Useful to extract files from inside disk and memory images. File carving is the process of reassembling computer files from fragments in the absence of filesystem metadata. This is done by analyzing the raw data and identifying what it is (text, executable, PNG, MP3, etc.). This can be done in different ways, for example reading…

bulk_extractor: extract useful information without parsing the file system –

A fast and thorough forensic tool. bulk_extractor is a computer forensics tool that scans a disk image, a file, or a directory of files and extracts useful information without parsing the file system structure. Using this approach, bulk_extractor is faster than other forensic tools and can process different parts of the disk in parallel, splitting…