Validation of Forensic Tools- A Quick Guide for the DFIR Examiner
Prologue
Still need to write one up
Introduction
With the field of digital forensics growing at an almost warp-like speed, there are many issues out there that can disrupt and discredit even the most experienced forensic examiner. One of the issues that continue to be of utmost importance is the validation of the technology and software associ...
Writing DFIR Reports- A Primer
Prologue
“How do I write a good DFIR report?” -Literally Everyone at some point
You wouldn’t believe how many times that question gets asked of me here at Marshall University (and sometimes in the DFIR community). Year after year I’ve given the same answer: a list full of outdated links and a verbal “laundry list” collection of tidbits a...
Base64- A Forensic Introduction
Prologue
Although a digital forensic examiner may encounter many different encoding schemes in their daily casework, one of the most popular is that of Base64. Base64 is often applied to data being transported from one system to another, and is a popular encoding format because it ensures that a device (and its associated operating system) at t...