Forensic Mounting of Disk Images using Ubuntu 20.04Basic commands, parameters, syntax and scripted disk mounting using ermount.shJun 16, 20201Jun 16, 20201
Extracting Windows Prefetch FilesWhat is Prefetch? Prefetch is a Windows feature implemented to speed up the loading of programs, Information by default is stored as an…May 12, 2020May 12, 2020
Accessing NTFS Extended Attributes from Linux Part 2Using the “getfattr” command to extract NTFS MACB, ObjectID, EA and other attribute valuesMar 17, 20191Mar 17, 20191
Accessing NTFS Extended Attributes from LinuxAlternate Data Streams and crtime TimestampsMar 2, 2019Mar 2, 2019
Installing RegRipper v2.8 on UbuntuThe new version of RegRipper (Rip v.2.8_20180406) has lots of new plugins and capabilities. The installation is a little tricky so as with…Nov 4, 2018Nov 4, 2018
Updating to the latest RegRipper on SANS SiftRunning RegRipper on Windows is great and all, but what if you want to use Linux instead? Well, the latest SANS Sift (2018.038.0) comes…Nov 2, 2018Nov 2, 2018
