DFIR Jobs Archives - AboutDFIR - The Definitive Compendium Project

03 Jun 2023

AboutDFIR Site Content Update – 06/03/2023

Tools & Artifacts - Windows - new entries added - Jumplist - Windows 10, RDP, Event Logs - Hidden Insights, VMware Workstation Memory Analysis, WMI Events, and another Windows Management Instrumentation (WMI) Tools & Artifacts - MacOS - new entry added - Tool List, mac_apt, APOLLO, and fseventd parser Tools & Artifacts - iOS - new entries added - iOS 15 Image (also added to Tool Testing) and Location & Device Data Tools & Artifacts -…

06 May 2023

By Cassie Doemel

AboutDFIR Site Content Update 05/06/2023

Tools & Artifacts - Windows - new entries added - Adobe Acrobat Reader (link updated), Windows 11 GUID Partition Scheme (GPT), Windows Search Index, & Windows Artifacts General Reference Tools & Artifacts - iOS - new entry added - iPhone PINs & iOS Artifact Reference Jobs - old entries cleaned up, new entries added - Flashpoint, Cellebrite, Raytheon, Nozomi Networks, Radware, Marriott, & Stripe Don't forget to submit any missing forensicators to our Forensicators of…

31 Dec 2022

By Cassie Doemel

AboutDFIR Site Content Update 12/31/22

Tools & Artifacts - Windows - new entry added - Event Logs (Cheat Sheet), Google Drive FS, File Explorer - Temporary Zip Folders, and Kaspersky Antivirus Tools & Artifacts - MacOS- new entry added - Logs - Unified Log Rolling Tools & Artifacts - Android - new entry added - Tusky Jobs - old entries cleaned up, new entries added - ADP, Pearson, Dell Secureworks, GEICO, United Airways, Xerox, Broadcom, and Malwarebytes AboutDFIR stickers are still…

09 Oct 2022

By Cassie Doemel

AboutDFIR Site Content Update 10/9/22

Tools & Artifacts - Windows - new entries added - Slack, Event Log Access, ProtonVPN, Hintfo Tools & Artifacts - Android - new entry added - Device Health Services Tools & Artifacts - iOS - new entries added - AppInstalls, AppLaunch, & AppIntents, Carplay, Safari, Siri, Unsent Messages, KnowledgeC.db Jobs - old entries cleaned up, new entries added - ZenDesk, Binary Defense, Circle, Charles Schwab, and AllState AboutDFIR stickers are still a thing! If you're interested…