Many of you may be familiar with Yogesh Khatri's revolutionary digital forensics tool, mac_apt. His tool does wonders by parsing macOS image files and outputting valuable artifact data. However, it is very easy for your forensic answers to be lost in the vast amount of information mac_apt provides. A small team, comprised of Zach Burnham... Continue Reading →
DFS #9: What files were recently accessed?
Digital forensic investigators are typically hired to uncover what happened on a digital device. Regardless of what the device is (mobile phone, laptop, server, etc), they will do their best to produce a narrative of past system events. This narrative is often nothing more than an explained timeline of the system. To achieve this, investigators... Continue Reading →