Forensic Implications of GPS Systems

Built-in automobile GPS systems often prove useful in an investigation primarily because they produce trails of evidence. Assuming the internal system or the GPS satellite creates a log of visited locations, an investigator could determine where the vehicle has been. For example, if the vehicle is stolen, investigators or law enforcement could geo-locate it to […]

Pentesting and Event Logs

Event logs aren’t always reliable at face value, since hackers have numerous ways of compromising them. Pentesters can use Metasploit’s Meterpreter to run a script called clearev and utterly wipe the logs. On a Windows system, a clearev wipe would expunge the Security, Application, and System logs. Furthermore, an application called clearlogs.exe can be […]

The Advantages of Open Source Forensic Tools

Open source forensic tools enjoy several advantages from being free and readily available. Open source tools gain benefits from their transparency. For example, since open source developers make their source code available to the user, other developers can peer review the original work, patch known issues, and publish changes. In the case of open source forensic […]

The Benefits of Programming in Digital Forensics

Though not a strict requirement, examination of the source code becomes an asset for agencies that use open source applications. Firstly, by understanding the code of their applications, code-literate agencies gain the opportunity to create tools, packages, and scripts for their own purposes. For example, they can use languages like Python, Ruby, or Perl […]

Investigating Linux Systems

Compared to Windows, Linux operating systems conform to a different structure, creating different implications for investigators who wish to examine systems like Red Hat, Ubuntu, Android, or Kali. Most Linux systems abide by a file system hierarchy (or FSH), which denotes how files are classified and how objects are stored. For example, according to FSH, “/” […]