Digital Forensics Software
Subscribe to Digital Forensics Software

The Lead

Streamlining the Digital Forensic Workflow: Part 1

September 4, 2014 6:53 am | by John J. Barbara | Articles | Comments

It has now reached the point that it is no longer practical for an examiner to forensically analyze each and every piece of evidence. Depending upon the alleged crime, often the incriminating evidence can be found in an e-mail, a document, the browser history, an SMS, or some other source. This leads to the obvious conclusion that examiners are going to need a new approach to streamline their workflow.

Solid State Drives: Part 7

August 27, 2014 8:12 am | by John J. Barbara | Articles | Comments

SSDs have been in use since the 1950s. When compared to a conventional HDD, they are totally...

Talk Forensics - Investigations in the Cloud

July 14, 2014 8:55 am | Videos | Comments

The software and data for cloud applications are stored on servers owned by a third party and...

Solid State Drives: Part 6

June 25, 2014 8:29 am | by John J. Barbara | Articles | Comments

When compared to a typical hard drive, SSDs are totally different in design and functionality...

View Sample


In order to effectively investigate crimes involving social media, it is imperative that law enforcement understand “how” social media is stored, “where” such information is stored and found, and “how” to obtain such information using forensically sound p

Book Excerpt: Social Media Investigation for Law Enforcement

June 18, 2014 8:33 am | by By Joshua Brunty and Katherine Helenek | Elsevier | Articles | Comments

In order to effectively investigate crimes involving social media, it is imperative that law enforcement understand “how” social media is stored, “where” such information is stored and found, and “how” to obtain such information using forensically sound procedures. Social media requires a different mind-set to traditional investigative and current forensic methodologies. 

Talk Forensics - Validating Your Tools

May 19, 2014 4:28 pm | Videos | Comments

This edition will look at forensic tool validation. Myriad tools exist for the examination of digital evidence. These tools automate many of the tedious forensic processes and allow you to perform investigations more efficiently, but it is important that you not take these tools for granted.

Complex Criminal Networks Detected with Mobile Phone Data

April 17, 2014 12:19 pm | by Indiana Univ. Bloomington | News | Comments

A researcher is using network science and a connected society to fight crime. Data produced by dynamical relationships is integrated into a statistical framework using algorithms that can model connectivity between individual “players,” laying out the multiple relationships into a network representation.


The Mobile Device in the Big Data World

March 26, 2014 2:15 pm | Webinars

Big Data is the new norm in today’s world. It is extremely challenging to capture, store, analyze and visualize. Dealing with digital data coming from computers, servers and networks is challenging enough without introducing data from mobile devices. In today's landscape, if you are not already dealing with data from mobile devices, especially smart mobile devices, you are missing much of this "Big Data picture". 

Expansion of a Cheminformatic Database of Spectral Data for Forensic Chemists and Toxicologists

December 30, 2013 11:34 am | by Peter Stout, Katherine Moore, Megan Grabenauer and Jeri Ropero-Miller, NIJ | News | Comments

A new ForensicDB project sought to expand ForensicDB's capacity for user traffic and database queries, increase associate curators' participation, and further develop software automation to better manage the records submitted.         

Case Assessment Tool

November 19, 2013 7:48 am | Product Releases | Comments

Tracks Inspector, an early case assessment tool which simplifies the investigation of digital forensic evidence, is now available to the UK public sector via the Government’s CloudStore, part of the G-Cloud framework. 

Solid State Drives: Part 2

August 28, 2013 5:49 am | by John J. Barbara | Articles | Comments

One commonality between a typical hard drive and an SSD is that they both store data. However, the way in which they do so is totally different. To fully comprehend how SSDs function, it is necessary to understand SSD terminology. Doing so will also provide insight into the “pitfalls” of their forensic examination.

Mozilla Firefox Forensics: Part 4

April 12, 2013 7:03 am | by John J. Barbara | Articles | Comments

Firefox (version 16.0.2) typically includes twelve SQLite databases, each of which performs a different function such as to store bookmarks, cookies, places visited, searches, and so forth.


Mozilla Firefox Forensics: Part 3

February 12, 2013 12:38 pm | by John J. Barbara | Articles | Comments

The majority of potential forensic information from Firefox does not reside in the Windows Registry, but rather in two directories located in the individual User account(s).

Dropbox Decryption and Web Video Recovery

January 24, 2013 7:00 pm | Forensic Magazine | Product Releases | Comments

With a strong commitment to helping law enforcement, military, government, and corporate organizations recover data from a broad range of Internet-related communications, Magnet Forensics (formerly JADsoftware) has unveiled v5.8 of its INTERNET EVIDENCE FINDER

Mozilla Firefox Forensics: Part 2

December 20, 2012 7:01 am | by John J. Barbara | Articles | Comments

The most prevalent software applications in use today are probably Web browsers. Although browsers are complex software applications, they have common functionality regarding their main components.

Social Media and the Changing Role of Investigators

December 20, 2012 6:24 am | by Benjamin Wright | Articles | Comments

Investigative methods when collecting evidence from social media vary substantially from traditional digital forensic techniques creating new legal and procedural challenges.

Windows 7 Registry Forensics: Part 7

October 18, 2012 11:23 am | by John J. Barbara | Articles | Comments

Security Identifiers (SIDs) are unique alphanumeric character strings of variable length that are assigned during the log-on-process to each user on a stand-alone system or to each user, group, and computer on a domain-controlled network.


Authenticating Images

September 27, 2012 8:00 pm | Product Releases | Comments

Fourandsix Technologies, Inc. has introduced their first product, FourMatch, which instantly distinguishes unmodified digital camera files from those that may have been edited. Fourandsix Technologies was co-founded last year by Kevin Connor, a 15-year veteran of the Adobe Photoshop team, and Hany Farid, a pioneering scientist in image forensics. Dr.

Forensic Search Software

September 12, 2012 6:04 am | Product Releases | Comments

Learn more at Booth 17 at The Evidence Conference October 1-2, 2012.

Windows 7 Registry Forensics: Part 6

August 10, 2012 10:53 am | by John J. Barbara | Articles | Comments

Registry Keys track each mounted volume and assigned drive letter used by the NTFS file system. Information concerning any external devices that had previously been attached to the system will be recorded in certain Registry Keys.

Mac Forensic Analysis Tool

July 12, 2012 8:00 pm | Forensic Magazine | Product Releases | Comments

BlackBag Technologies, Inc., developer of forensics software, training, and eDiscovery solutions, announces the availability of BlackLight 2012 R2, a comprehensive iPhone, iPad, and Mac OS X forensic analysis tool.

PDF Password Recovery

June 18, 2012 8:00 pm | ElcomSoft Co., Ltd. | Product Releases | Comments

Advanced PDF Password Recovery recovers or instantly removes passwords protecting or locking PDF documents created with all versions of Adobe Acrobat or any other PDF application. Features and Benefits

Windows 7 Registry Forensics: Part 5

June 18, 2012 3:45 pm | by John J. Barbara | Articles | Comments

Artifacts are items of data or information left behind after a specific activity occurs on a system. Any USB device attached to a system will leave artifacts in several locations.

Forensic Access to iCloud Backups

May 22, 2012 8:00 pm | ElcomSoft Co., Ltd. | Product Releases | Comments

ElcomSoft Co. Ltd. has discovered yet another way to access information stored in Apple iOS devices by retrieving online backups from Apple iCloud storage. The company updated Elcomsoft Phone Password Breaker, a tool to retrieve user content from password-protected backups created by Apple iOS devices and BlackBerry smartphones, with the ability to retrieve iPhones’ user data from iCloud.

Mobile Forensic Data Extraction, Decoding, and Analysis

May 21, 2012 8:00 pm | Cellebrite | Product Releases | Comments

Cellebrite, provider of mobile forensic and mobile data transfer solutions, announced the release of several advancements for the company’s Universal Forensic Extraction Device (UFED) Series.

Data Recovery Software

May 20, 2012 8:00 pm | Product Releases | Comments

JAD Software recently released version 5.4 of their popular Internet Evidence Finder. Internet Evidence Finder is available in Standard licensing with a USB Dongle and the portable Triage solution. IEF is data recovery software that finds existing and deleted data from Internet-related communications left behind on a computer hard drive. New to this version:

Photo and Video Analysis

May 16, 2012 8:00 pm | Product Releases | Comments

ZiuZ VizX 2 is a total solution for analysing video and photo material confiscated in investigations into sexual child abuse.

Audio Editing

May 14, 2012 8:00 pm | Product Releases | Comments

CEDAR Audio Ltd. invented and patented a highly successful method of editing audio using a spectrogram‐based interface. CEDAR Audio announces that it has entered into a licence agreement with iZotope, Inc., granting iZotope a non‐exclusive license to U.S Patent No. 7,978,862 for the iZotope RX 2 Spectral Repair module.

You may login with either your assigned username or your e-mail address.
The password field is case sensitive.