Metadata Investigation (Exiftool): A Powerful Tool in Digital Forensics
Metadata, often described as "data about data," is a treasure trove of hidden information embedded within files. While it’s not...
Feb 7, 2025 · 4 min read


Metadata Recovery: Bringing Deleted Files Back to Life
When a file is deleted from a computer, it’s not really gone. The data remains on the disk until something else overwrites it. This...
Feb 6, 2025 · 3 min read


Volume Shadow Copy extraction with KAPE (including data/file recovery)
Before we dive into today’s...
Feb 5, 2025 · 3 min read


Cloud Storage Effect on file Timestamps and collection with KAPE: A Forensic Guide
😂 The Final Cloud Storage Article – I Promise! ☁️ I know you all must be thinking, "Another cloud storage article?" But trust me, this...
Feb 4, 2025 · 5 min read


Box Cloud Storage Forensic Investigations: Logs, Cached Files, and Metadata Analysis
Box is one of the most forensic-friendly cloud storage applications, offering extensive logging, locally cached files, and SQLite...
Feb 3, 2025 · 4 min read


Dropbox Forensic Investigations: Logs, Activity Tracking, and External Sharing
Dropbox presents significant challenges for forensic investigations due to encrypted databases, limited endpoint logs, and obfuscated...
Jan 31, 2025 · 5 min read


Investigating Dropbox Forensics
Dropbox has long been a challenging cloud storage service to investigate due to encrypted databases, hidden caches, and complex storage...
Jan 31, 2025 · 4 min read


Automating Google Drive Forensics: Tools & Techniques
Investigating Google Drive for Desktop can be a time-consuming process, especially when dealing with protobuf-encoded metadata and...
Jan 29, 2025 · 3 min read


Decoding Google Drive’s Protocol Buffers and Investigating Cached Files
Google is known for its unique data storage formats, and Google Drive for Desktop is no exception. Unlike JSON or XML, Google Drive...
Jan 28, 2025 · 3 min read


Investigating Google Drive for Desktop: A Forensic Guide
Google Drive is one of the most widely used cloud storage services, integrated seamlessly with Gmail, Google Workspace (G Suite), and...
Jan 27, 2025 · 4 min read


Investigating OneDrive for Business: Advanced Forensics & Audit Logs
Microsoft OneDrive for Business is a powerful enterprise cloud storage solution, distinct from the personal OneDrive available by...
Jan 24, 2025 · 3 min read


Advanced OneDrive Forensics: Investigating Cloud-Only Files & Synchronization
Cloud storage has evolved beyond simple local folder synchronization. Newer technologies, like Files On-Demand and Smart Sync, allow...
Jan 23, 2025 · 4 min read


OneDrive Forensics: Investigating Cloud Storage on Windows Systems
Microsoft OneDrive is the most widely used cloud storage service, thanks to its default integration in Windows and its enterprise...
Jan 22, 2025 · 4 min read


Forensic Challenges in Cloud Storage Investigations
With businesses and individuals rapidly shifting their data to the cloud, digital forensic investigations have become more complex....
Jan 21, 2025 · 4 min read


Handling Incident Response: A Guide with Velociraptor and KAPE
Over a 3-year period, I’ve created numerous articles on forensic tools and incident response (IR). This time, I want to take a step...
Jan 18, 2025 · 12 min read


SentinelOne Threat Hunting Series P3: Must-Have Custom Detection Rules
In this article, we continue exploring the power of SentinelOne’s custom detection rules to enhance control over your environment's...
Jan 17, 2025 · 2 min read


SentinelOne Threat Hunting Series P2: Must-Have Custom Detection Rules
In this article, we continue exploring the power of SentinelOne’s custom detection rules to enhance control over your environment's...
Jan 16, 2025 · 2 min read


SentinelOne Threat Hunting Series P1: Must-Have Custom Detection Rules
In this three-part series, we’ll explore custom rules for enhanced threat detection and hunting in SentinelOne. These rules leverage...
Jan 14, 2025 · 2 min read


SentinelOne (P10 - New SentinelOne Console): A Practical Guide/A Practical Training
As promised, let’s dive into the new SentinelOne console and its features. Here's an overview of what the updated interface looks like:...
Jan 12, 2025 · 2 min read


Tracing Reused $MFT Entries Paths: Recovering Deleted File Paths Forensically with CyberCX UsnJrnl Rewind
Hey there! If you’ve been following my articles, you might already know the answer to this question. But let me ask it again: If we have...
Jan 10, 2025 · 3 min read