tools

Anti-Forensics-Techniques-Rootkits

Anti-Forensics Techniques: Rootkits

Leave a Comment / CHFI, Knowledge Base / By

Rootkits are one of the anti-forensic techniques that attackers use to hide data, malicious files, and processes. This software is intended to hide processes that could reveal an attack from the OS itself. Rootkits allow viruses and malware to “hide in plain sight” by concealing files in ways that antivirus software might overlook them, disguising files as legitimate system files, through unlinking processes, and even hiding from detection by the OS, Rootkits themselves are not …

Anti-Forensics Techniques: Rootkits Read More »

Anti-Forensics-Techniques-Trail-Obfuscation

Anti-Forensics Techniques: Trail Obfuscation, Artifact Wiping, Encryption, Encrypted Network Protocols and Program Packers

Leave a Comment / CHFI / By

In this article Anti-Forensics Techniques has been explained with its different topic like Trail Obfuscation, Artifact Wiping, Encryption and Program Packers this techniques etc. 1. Anti-Forensics Techniques: Trail Obfuscation Anti-Forensics Techniques Trail Obfuscation is one of the anti-forensic technique that attackers use to mislead, divert, complicate, disorient, sidetrack, and/or distract the forensic examination process. The process involves different techniques and tools, such as Log cleaners Spoofing Misinformation Backbone hopping Zombie accounts Trojan commands In this …

Anti-Forensics Techniques: Trail Obfuscation, Artifact Wiping, Encryption, Encrypted Network Protocols and Program Packers Read More »

Anti-Forensics-Techniques-Password-Protection

Anti-Forensics Techniques: Password Protection

Leave a Comment / CHFI, Knowledge Base / By

Anti-Forensics Techniques: Password Protection in this A password refers to collection of words, letters, numbers, and/or special characters used for security processes such as user authentication or to grant access to a resource. The password ensures that unauthorized users do not access the computer, network resources, or other secured information. In addition, data files and programs may require a password. Password protection shields information, protects networks, applications, files, documents, etc., from unauthorized users. Many organizations …

Anti-Forensics Techniques: Password Protection Read More »

Understand-Anti-forensics-and-their-goals

Understand Anti-forensics and their goals

Leave a Comment / CHFI, Knowledge Base / By

Understand Anti-forensics and their goals, also referred to as counter forensics, may be a set of techniques that attackers or perpetrators use so as to avert or sidetrack the forensic investigation process or attempt to make it much harder. These techniques negatively impact the number and quality of evidence from a criminal offense scene, thereby making the forensic investigation process difficult. Therefore, the investigator may need to conduct a few more additional steps so as …

Understand Anti-forensics and their goals Read More »

Understand-Acquiring-RAID-Disks

Understand Acquiring RAID Disks

Leave a Comment / CHFI / By

Understand Acquiring RAID Disks may be challenging for forensics examiners due to the RAID system design, configuration, and size. The greatest concern is the size of the RAID system, as many systems are growing into many terabytes of data. Copying small RAID systems to one large disk is possible with the availability of larger disks. Investigators should use a proprietary format acquisition with compression to store more data in small storage capacities. Acquiring RAID Disks …

Understand Acquiring RAID Disks Read More »

Data-Acquisition-Methods

Data Acquisition Methods

1 Comment / CHFI, Knowledge Base / By

Data Acquisition Methods in this article explain which of the method using on data acquition and also explain those method which is continuously using in forensic investigation. There are following four methods available for data acquisition: 1. Bit-stream disk-to-image file Forensic investigators commonly use this data acquisition method. It is a flexible method, which allows creation of one or more copies, or bit-for-bit repkations of the suspect drive. ProDiscover, EnCase, FTK, The Sleuth Kit, X-Ways …

Data Acquisition Methods Read More »

Data-Analysis-&-Evidence-Assessment

Data Analysis & Evidence Assessment

Leave a Comment / CHFI / By

Data Analysis & Evidence Assessment refers to the process of going through the data and finding the relevant evidential data and its relevance to the crime. This section will explain the process of analyzing the data in order to use it for proving the crime and the perpetrator. Data Analysis Data analysis refers to the process of examining, identifying, separating, converting, and modeling data to isolate useful information. In forensic investigation, the data analysis helps …

Data Analysis & Evidence Assessment Read More »

Laboratory-Accreditation-Programs

Laboratory Accreditation Programs

Leave a Comment / CHFI / By

Laboratory Accreditation Programs in this article explain which of the accreditation using for forensic laboratory and what are there standards and also explain risk assesment, computer investigation methodology. ISO IEC 17025 Accreditation: ISO (the International Organization for Standardization) and IEC (the International Electro­technical Commission) are part of the specialized system for worldwide standardization. They develop International Standards in association with technical committees established by the respective organization for particular fields of technical activity. In 1999, …

Laboratory Accreditation Programs Read More »

Review-Policies-and-Laws-of-Forensic-Investigation

Review Policies and Laws of Forensic Investigation

1 Comment / CHFI, Knowledge Base / By

Review Policies and Laws of Forensic Investigation it is essential to be aware of the laws that will be applicable to the investigation, including the organization’s internal policies, before starting the investigation process. Identify possible concerns related to applicable federal statutes, state statutes, and local policies and laws. Applicable federal statutes include the Electronic Communications Privacy Act of 1986 (ECPA) and the Cable Communications Policy Act (CCPA), both as amended by the USA PATRIOT ACT …

Review Policies and Laws of Forensic Investigation Read More »

Building-a-Forensics-Workstation

Building a Forensics Workstation

Leave a Comment / CHFI, Knowledge Base / By

Define the computer forensics approach clearly before Building a Forensics Workstation. For developing a forensics laboratory, the total estimated cost incurred to meet the accreditation standards of a standardized body that certifies labs will be the deciding factor for fund allocation. Funding is important in order for a successful implementation of the computer forensics lab. Calculate the yearly budget allocation for a forensics lab, based on the previous year’s statistics as well as estimated trends …

Building a Forensics Workstation Read More »