- Jobs – old entries cleaned up, new entries added – Magnet Forensics, NCC Group, Palo Alto Networks Unit 42, SentinelOne
- Tools & Artifacts – Android – new entries added – Android – Gmail – Investigating Android Gmail, WhatsApp – Forensic Duel: Exploring Deleted WhatsApp Messages—iOS vs Android
- Tools & Artifacts – AWS – new entry added – Tools – Cado’s Import UI
- Tools & Artifacts – Azure – new entry added – Tools – Cado’s Import UI
- Tools & Artifacts – DVR/Multimedia – new entry added – Video/Image Analysis – Enhance and Optimize Facial Detail
- Tools & Artifacts – Google Cloud – new entry added – Tools – Cado’s Import UI
- Tools & Artifacts – iOS – new entries added – iOS 15 – iOS 15 Image Forensics Analysis and Tools Comparison – Browsers, Mail Clients, and Productivity Apps, WhatsApp – Forensic Duel: Exploring Deleted WhatsApp Messages—iOS vs Android
- Tools & Artifacts – Linux – new entry added – Linux Forensics – Linux Forensic Artifacts
- Tools & Artifacts – macOS – new entry added – Mounty – File Timestamps for NTFS on macOS using Mounty
- Tools & Artifacts – Microsoft 365 – new entry added – Tools – GraphRunner
- Tools & Artifacts – Windows – new entries added – Event Tracing (ETW) – ETW Internals for Security Research and Forensics, Memory Forensics – Volatility3: Alternate Data Stream Scan, The RULER Project – Really Useful Logging and Event Repository (RULER) Project
This is a friendly reminder that GIAC has released a new Applied Knowledge Certification – GIAC Experienced Penetration Tester (GX-PT). The primary fit SANS course for this certification exam is SEC560: Enterprise Penetration Testing (GPEN). Click here for more details on this new certification!
Don’t forget to submit any missing forensicators to our Forensicators of DFIR page! Also, please consider submitting any DFIR or InfoSec related job openings via our form!
Fabian (@DFIRDominican)