How To - Forensic Memory Acquisition in Linux with LiME
This week we will be using LiME to acquire a memory image in a suspect Linux system. LiME is a loadable kernel module that needs to be compiled based on the ...
This week we will be using LiME to acquire a memory image in a suspect Linux system. LiME is a loadable kernel module that needs to be compiled based on the ...
This week we will talk about The Sleuth Kit, and specifically the tool tsk_recover. tsk_recover is a useful tool for allocated and unallocated file recovery....
Data is valuable. Ransomware takes advantage of the financial or sentimental value of our data, as well as the fact that most homes and organizations do not ...
This week we will show how to use Photorec to recover data form a suspect disk image. Photorec supports the recovery of many different file types, but we wil...
This single is informational for digital forensic investigators and first responders. Be aware of the ‘USB Killer’. Very basically, it’s a USB device that co...