- Challenges & CTFs – old entries cleaned up, new entries added:
- CTFs:
- BelkaCTF #6: Bogus Bill
- CTF Walkthroughs:
- Belkasoft CTF 6: Write-up
- CTFs:
- Jobs – old entries cleaned up, new entries added:
- CyberClan
- IronGate Cybersecurity
- Mandiant (now part of Google Cloud)
- modePUSH
- NCC Group
- RSM
- SentinelOne
- Tools & Artifacts – Android – new entries added:
- Tools:
- ALEAPP
- Artifacts:
-
- Android – Digital Wellbeing – Investigating Android Digital Wellbeing
- Samsung Bluetooth Call Routes – Road Trippin’ – Exploring Bluetooth Call Routes on Samsung Phones
- Samsung Power Events – DeRR.p. Investigating Power Events on Samsung Devices
-
- Tools:
- Tools & Artifacts – Google Workspace – new entries added:
- Artifacts:
-
- Google Workspace Forensics – Respond and Investigate a Compromised Google Workspace User
-
- Artifacts:
- Tools & Artifacts – iOS – new entries added:
- Tools:
- iLEAAP
- Artifacts:
-
- Apple Notes – Investigating Apple Notes
- iOS Backups – All You Wanted To Know About iOS Backups
- Splitwise – Splitwise on iOS
-
- Tools:
- Tools & Artifacts – Linux – new entry added:
- Artifacts:
- TestDisk – TestDisk in Linux and recover deleted files
- Artifacts:
- Tools & Artifacts – Windows – new entry added:
- Artifacts:
- Prefetch – Operation-based prefetching
- Artifacts:
Final reminder to everyone that RSA Conference 2024 is almost here and will be held between Monday May 6th – Thursday May 9th at the Moscone Center in San Francisco, CA. Ed Skoudis from SANS wrote a quick newsletter giving more details about the event which you can find here!
Don’t forget to submit any missing forensicators to our Forensicators of DFIR page! Also, please consider submitting any DFIR or InfoSec related job openings via our form!
Fabian (@DFIRDominican)