Tag Archives: Digital Forensics Association


Mac Forensics Report Official Release

Mac Forensics report is complete: In the Mac Forensics report, the team at the LCDI looked at operating systems for Macs and tried to determine what artifacts can be collected and where their default locations can be found. Then they compared the two main operating systems: OS X and El Capitan. Background information: Last year […]


MMORPG Chat Forensics Final Report

Chat Forensics final report complete: One of the favorite projects last semester was the MMORPG Chat Forensics. The team has been hard at work compiling all of their information to share with everyone. The project focused on Massively Multiplayer Online Role-Playing Games (MMORPGs) and their online chat systems. Purpose and scope: The goal of this […]


Raspberry Pi Cyber Final Report

The Raspberry Pi Cyber report is up! Last semester, the LCDI team worked on a project using Raspberry Pi Cyber. We are very excited to announce that the project is now complete. If you had followed the team’s progress throughout the last semester, you are probably looking forward to the final report. Well, here it […]


Malware Analysis Project Update

Final Malware Analysis Update. Introduction: Throughout this semester, we’ve been working diligently to create a malware analysis environment that is both effective and easily accessible. After considerable research and testing, we have learned useful information about various aspects of malware analysis. Cuckoo allows us to automate the process by simply importing malware into it and receiving […]


Project Recall: Windows 8 and 10 Forensics – Spring 2015

The Project Recall series will revisit successful and productive projects in the LCDI’s past. Windows 8 and 10: The mission of this project is to discover differences in the artifact locations of Windows 8 and Windows 10. It will also be within the scope of this project to find and discover new artifacts that are […]


Incognito Forensics Update

Intro: As we wrap things up for the semester, we have begun artifact research for our incognito forensics project, imaging the virtual machine and importing it into FTK. We encountered a problem when searching for incognito artifacts due to the fact that the general browsing session artifacts were also on the incognito virtual machine. We […]


Mobile Apps Forensics Update

Intro: Our team was able to make significant progress on our project in the past few weeks. Since our last post, we have been able to successfully get an image of the iPhone 5 that we used for data generation and have completed our analysis of the applications Yik Yak and Periscope. Next we will […]


MMORPG Chat Forensics Update

Intro: The goal of our first round of data generation was to figure out the best ways to generate data and identify potential game files that might record commands or conversations. With the first round of data generation complete, we have shifted our focus towards analyzing game files. Analysis of chat forensics progress: Since our […]


Mac OS X Forensics Update

Intro: On September 30th, 2015, Apple released its latest update to Mac OS X: El Capitan. El Capitan brings with it many improvements and features, such as Metal, iOS’s graphics API, improvements to Safari, Mail, iPhoto, and much more. Since our last blog post a few weeks ago, we have been busy with our research […]


Windows 10 Forensics Project Update

Intro: In the weeks following our last blog post on Windows 10 forensics, we have verified that the findings from the previous semester’s project are indeed in the same locations in the official Windows 10 release. We have since generated a variety of data focusing on the Cortana, Edge, maps, mail, and phone companion applications. […]
