int for(ensic){blog;}

I'm glad to see that the International Journal of Digital Evidence (IJDE) is still alive. The latest issue contains four articles, covering Windows memory forensics, mobile phone forensics, Google desktop search and protected areas of IDE hard drives.

By Andreas Schuster at 09/28/2006, 08:00 PM | Permalink

Microsoft has just released version 8.1 of its Kernel Memory Space Analyzers to the public. This program provides a lot help when analyzing Windows memory dumps in DMP format.

By Andreas Schuster at 09/13/2006, 06:45 PM | Permalink

Arne Vidstrom explains how dumping a PC's main memory over FireWire could cause the Memory Controller Hub of an Intel chipset to hang.

By Andreas Schuster at 09/06/2006, 05:05 PM | Permalink

The long awaited Windows version of Brian Carrier's famous file system analysis tool The Sleuth Kit has been released on September 1, 2006.

By Andreas Schuster at 09/06/2006, 08:00 AM | Permalink

Version 0.3.00 of PTFinder has been released. This version adds some experimental support for XML output.

By Andreas Schuster at 09/03/2006, 06:00 PM | Permalink

NIST just released the draft version of their guidelines on cell phone forensics to the public. In about a hundred pages the document covers tools and procedures for preserving, acquiring, and examining digital evidence found on cell phones.

By Andreas Schuster at 09/01/2006, 07:40 AM | Permalink