I'm glad to see that the International Journal of Digital Evidence (IJDE) is still alive. The latest issue contains four articles, covering Windows memory forensics, mobile phone forensics, Google desktop search and protected areas of IDE hard drives.
September 2006 Archives
Microsoft has just released version 8.1 of its Kernel Memory Space Analyzers to the public. This program provides a lot help when analyzing Windows memory dumps in DMP format.
Continue reading Microsoft Kernel Memory Space Analyzer.
Arne Vidstrom explains how dumping a PC's main memory over FireWire could cause the Memory Controller Hub of an Intel chipset to hang.
Continue reading Problem when Dumping Memory over FireWire.
The long awaited Windows version of Brian Carrier's famous file system analysis tool The Sleuth Kit has been released on September 1, 2006.
Version 0.3.00 of PTFinder has been released. This version adds some experimental support for XML output.
Continue reading PTFinder Version 0.3.00.
NIST just released the draft version of their guidelines on cell phone forensics to the public. In about a hundred pages the document covers tools and procedures for preserving, acquiring, and examining digital evidence found on cell phones.
