Blog

2018

Reflection on the Course

The last four weeks of semester have been extremely busy, and I haven’t had a chance to do regular reflections. Additionally, I was focusing on my extended r...

AT1: A Postmortem

After submitting the investigation journals for AT1, I have been reflecting a lot about the content of the images, and the way in which I approached the inve...

AT1 Windows Image Reflection

Overview The Windows image brought to light some ideas that were hinted at in the USB image. This Windows machine was used by multiple users, and they appea...

AT1 USB Image Reflection

Overview My first approach with the USB drive was to open the image in Autopsy, and from there get a feel for the content. There were several files on the U...

AT1 and Tooling Tips

I have been working on image01 of assessment task 1 this week, and throuhgout the course of investigation, I have learned a bit more about how some key tools...

Drive Forensics Reflection

Over the last two weeks we’ve been delving heavily into drive forensics, examining ways of recovering deleted files on different file systems, and how data c...

Week 03 Challenge Part 2 Writeup

Below is a writeup of solutions to Alternate Data Stream challenges from week03. I didn’t get time to try these myself, but here are some notes from the foll...

Acquisition

The Week 03 lecture focused on the methodology and approaches for acquisition of systems to be investigated, from covert operations to make copies, to intent...

Week 03 Challenge Part 1

The challenge for this week is to work on a .dmg image, to try and discover as many hidden flags by performing a forensic analysis on the image. And, in the ...

Forensics Introduction

I was very excited to begin lectures for Forensics this week. This first overview lecture covered some important aspects of Digital Forensics that I hadn’t t...

Back to Top ↑