Knowledge Base

Collecting-Hidden-Partition-Information

Collecting Hidden Partition Information

Leave a Comment / CHFI, Knowledge Base / By

In this article explain Collecting Hidden Partition Information and diffrent types of hard disk partition and file formates. 1. Partition Logic Partition Logic is a hard disk partitioning and data management tool. It can create, delete, erase, format, defragment, resize, copy, and move partitions and modify their attributes. It can copy entire hard disks from one to another. 2. Partition Find & Mount Partition Find & Mount implements a new concept of deleted or lost …

Collecting Hidden Partition Information Read More »

Other-Important-Information-of-forensic-Investigation

Other Important Information of Forensic Investigation

Leave a Comment / CHFI, Knowledge Base / By

In this article explain Other Important Information of forensic Investigation using investigator. Clipboard Contents Clipboard is a temporary storage area, where the system stores data during copy and paste operations. Most Windows applications provide this functionality through the Edit option on the menu bar, Clicking Edit reveals a drop-down menu, which contains choices, like cut, copy, and paste. The user selects text or other data, chooses copy, and then chooses Paste to insert that data …

Other Important Information of Forensic Investigation Read More »

How-to-Open-Files-using-Command -Line

How to Open Files using Command Line

Leave a Comment / CHFI, Knowledge Base / By

Open Files using Command Line in this when the output obtained from psloggedon.exe commands shows the investigators that there are users logged on to the system remotely, then the investigators will also want to see what files have they opened, if any. Many times when someone accesses a system remotely, they might be looking for something specific while opening files. A user in a corporate environment could have shared available content and allowed other users to …

How to Open Files using Command Line Read More »

Introduction-to-Operating-System-Forensics

Introduction to Operating System Forensics

Leave a Comment / CHFI, Knowledge Base / By

Operating System Forensics is that the process of retrieving useful information from the OS (OS) of the pc or mobile device in question. The aim of collecting this information is to accumulate empirical evidence against the perpetrator. An OS (OS) is that the software component of a computing system that’s liable for the management and coordination of activities and therefore the sharing of the resources of the pc . The OS acts as a number …

Introduction to Operating System Forensics Read More »

Anti-Forensics Countermeasures

Anti-Forensics Countermeasures

Leave a Comment / CHFI, Knowledge Base / By

This article is based on Anti-Forensics Countermeasures & Anti-Forensics Challenges Anti-Forensics Tools: Privacy Eraser, Anti-Forensics Tools: Azazel Rootkit, Anti-Forensics Tools: QuickCrypto etc… Anti-Forensics Countermeasures Anti-Forensics Countermeasures this topic is explained in his article with the help of their tools like  Privacy Eraser, Azazel Rootkit, QuickCrypto etc. Investigators can overcome the anti-forensic techniques discussed in this module through improved monitoring of systems or by fixing bugs in the current generation of computer forensic tools. Replace weak …

Anti-Forensics Countermeasures Read More »

Anti-Forensics Techniques that Minimize Footprint

Anti-Forensics Techniques that Minimize Footprint

Leave a Comment / CHFI, Knowledge Base / By

This article is based on Footprint and their Anti-Forensics Techniques like Memory injection and Syscall Proxying, Userland Execve Technique, Syscall proxying, Exploiting Forensics Tools Bugs,Detecting Forensic Tool Activities Memory injection and Syscall Proxying In the buffer over–flow exploit attack, the attackers use buffer overflows as entry to a remote system in order to inject and run code in the address space of a running program, thereby successfully altering the victim program’s behavior. Then, the attacker …

Anti-Forensics Techniques that Minimize Footprint Read More »

Anti-Forensics-Techniques-Rootkits

Anti-Forensics Techniques: Rootkits

Leave a Comment / CHFI, Knowledge Base / By

Rootkits are one of the anti-forensic techniques that attackers use to hide data, malicious files, and processes. This software is intended to hide processes that could reveal an attack from the OS itself. Rootkits allow viruses and malware to “hide in plain sight” by concealing files in ways that antivirus software might overlook them, disguising files as legitimate system files, through unlinking processes, and even hiding from detection by the OS, Rootkits themselves are not …

Anti-Forensics Techniques: Rootkits Read More »

Understand-Steganalysis

Understand Steganalysis

Leave a Comment / CHFI, Knowledge Base / By

Understand Steganalysis is the process of discovering the existence of the hidden information within a cover medium. Steganalysis is the reverse process of steganography. It is one of the attacks on information security in which an attacker, called steganalyst, tries to detect the hidden messages embedded in images, text, audio, and video carrier mediums using steganography. It determines the encoded hidden message, and if possible, it recovers that message. It can detect the message by …

Understand Steganalysis Read More »

Anti-Forensics-Techniques-Steganography

Anti-Forensics Techniques: Steganography

Leave a Comment / CHFI, Knowledge Base / By

Anti-Forensics Techniques: Steganography, the art of hidden writing, has been in use for centuries. It involves embedding a hidden message in some transport or carrier medium and mathematicians, military personnel, and scientists have been using it. They all engage in changing the common language and transferring it through secret and hidden communication. The history of steganography dates back to the Egyptian civilization. Today, with the emergence of the Internet and multimedia, the use of steganography …

Anti-Forensics Techniques: Steganography Read More »

System-Software-Password-Cracking

System Software Password Cracking

Leave a Comment / CHFI, Knowledge Base / By

System software password cracking refers to the process of cracking the OS and all other utilities that enable a computer to function. The system creates passwords for the software to avoid access to system files and other secured information used during the booting of the system. Following are the ways by which one can access the system: Bypassing the BIOS password Using tools to reset the admin password 1. Bypassing BIOS Passwords Basic Input Output …

System Software Password Cracking Read More »