Exploring Magnet Encrypted Disk Detector (EDDv310)
Introduction: In the world of digital forensics and incident response, determining if a computer’s drive is encrypted is a crucial step....
Jun 27, 2024 - 2 min read


Unleashing the Power of DB Browser for Forensic Analysis
Introduction: DB Browser, also known as SQLite Database Browser, is a powerful tool initially designed to create, search, and modify...
Jun 25, 2024 - 2 min read


MetaDiver: A Comprehensive Forensic Analysis Tool (for metadata analysis)
MetaDiver is a powerful forensic tool designed to analyze and extract metadata from various file types. Overview of MetaDiver: MetaDiver...
Jun 23, 2024 - 2 min read


KAPE: Few Use Cases for Incident Responders
After numerous requests, I've compiled a comprehensive list of practical use cases for KAPE (Kroll Artifact Parser and Extractor). This...
Jun 21, 2024 - 2 min read


Understanding and Managing Thumbnail Cache in Windows: Tools thumbcache_viewer_64
Introduction: Thumbnail cache in Windows is an essential feature that helps speed up the display of folders by storing thumbnail images...
Jun 19, 2024 - 2 min read


Streamlining USB Device Identification with a Single Script
Identifying and analyzing USB device details can be a tedious and time-consuming task. It often requires combing through various system...
Jun 17, 2024 - 2 min read


USB MSC Device Forensics: A Quick Guide for Windows
Hey there, tech detectives! If you're digging into USB devices on Windows 7 to 10, here's a handy guide to help you gather all the...
Jun 17, 2024 - 2 min read


Auditing Files and Folders on External Media || Tools for USB Device Analysis
When investigating external media connected to a system, determining what files and folders were accessed on the media is critical. This...
Jun 16, 2024 - 2 min read


Linking USB Devices to User Accounts and using Microsoft-Windows-Partition/Diagnostic.evtx for Device Profiling
Linking USB Devices to User Accounts: If the device you’re profiling is a mass storage class USBSTOR device, you can go a step further...
Jun 15, 2024 - 3 min read


Tracking Drive Letters and Volume GUIDs: A Forensic Guide
When investigating devices connected to a computer, every small detail can help. Identifying Drive letter: For instance, the volume...
Jun 14, 2024 - 4 min read


USB Device Profiling: How to Track Key Timestamps
When it comes to USB key forensics, understanding the timeline of device connections and disconnections can be crucial. Key Timestamps...
Jun 12, 2024 - 2 min read


Profiling Device Volume Names in the Windows Registry
Volume Name: When performing a forensic examination of connected devices, one of the key pieces of information we aim to gather is the...
Jun 10, 2024 - 2 min read


Windows Common Artifacts Paths for Forensics
In the realm of digital forensics, collecting and analyzing artifacts from various system paths is crucial for uncovering valuable...
Jun 8, 2024 - 1 min read


Audit USB Devices on Windows: USBSTOR and USB
Updated on Jan 24, 2025. USB devices play a crucial role in digital forensics and IT security. Whether you're investigating a security...
Jun 6, 2024 - 3 min read


Streamlining Incident analysis: An All-in-One PowerShell Script
Incident response can be a daunting task, especially when it requires gathering a multitude of system details. To simplify this process,...
Jun 4, 2024 - 2 min read


Understanding USB Artifacts: HID, MTP, PTP, and MSC Devices
USB devices play an essential role in digital forensics. While some devices, like Human Interface Devices (HIDs), may not seem...
Jun 3, 2024 - 3 min read


The Role of USB Devices in Enterprise Threats and Digital Forensics
Since their inception, removable devices have posed a significant threat to enterprise security. From insider threats and confidential...
Jun 2, 2024 - 2 min read


Enterprise-Wide Incident Response: Leveraging Logs and Data for Effective Threat Detection
In the realm of cybersecurity, incident response (IR) is a critical function that helps organizations detect, mitigate, and recover from...
May 30, 2024 - 3 min read


Effective Incident Response: Containment and Eradication
In the realm of cybersecurity, responding to incidents promptly and effectively is crucial. This detailed guide covers best practices in...
May 28, 2024 - 2 min read


NirSoft Network Usage View (NUV): Streamlining SRUM Analysis
The landscape of digital forensics is ever-changing, with tools and techniques continually evolving to meet the demands of modern...
May 26, 2024 - 2 min read