aaforensics.blogspot.com
Avoiding Atrophy ForensicsComputer Forensics using Linux and Freely Available Tools
http://aaforensics.blogspot.com/
Computer Forensics using Linux and Freely Available Tools
http://aaforensics.blogspot.com/
TODAY'S RATING
>1,000,000
Date Range
HIGHEST TRAFFIC ON
Saturday
LOAD TIME
2 seconds
16x16
32x32
64x64
128x128
PAGES IN
THIS WEBSITE
7
SSL
EXTERNAL LINKS
19
SITE IP
172.217.4.161
LOAD TIME
1.984 sec
SCORE
6.2
Avoiding Atrophy Forensics | aaforensics.blogspot.com Reviews
https://aaforensics.blogspot.com
Computer Forensics using Linux and Freely Available Tools
aaforensics.blogspot.com
Avoiding Atrophy Forensics: August 2014
http://aaforensics.blogspot.com/2014_08_01_archive.html
Computer Forensics using Linux and Freely Available Tools. Saturday, August 2, 2014. File Carving with PhotoRec. This post relies on an understanding of information from a previous post that can be found here. The purpose of this post is to discuss file carving (in the general sense) and then specifically the PhotoRec tool. Some things I won't be discussing are Foremost and Scalpel, two other tools commonly used for file carving (I gotta leave some information for later) or file and ram slack. 00000050 5...
Avoiding Atrophy Forensics: July 2014
http://aaforensics.blogspot.com/2014_07_01_archive.html
Computer Forensics using Linux and Freely Available Tools. Sunday, July 27, 2014. Physical Disks and Logical Volumes. At the beginning of last week I took a leap into the world of Open Source forensics at a new level. My goal is to complete a full case using only open source tools. As a result, more posts. These sectors are the smallest physical storage unit on the drive. Sectors are tracked with factory set tracking controlled by the hard drives circuit board. Like NTFS, FATxx, EXTx, ZFS, JFS, UFS, XFS,...
Avoiding Atrophy Forensics: April 2014
http://aaforensics.blogspot.com/2014_04_01_archive.html
Computer Forensics using Linux and Freely Available Tools. Sunday, April 27, 2014. Command is not installed on Ubuntu by default but can be obtained from the repository. The program 'xmount' is currently not installed. You can install it by typing:. Sudo apt-get install xmount. Sudo apt-get install xmount. Option to show the version (it does not work with xmount but most does with many other Linux commands) or you may want to run the which. The Sleuth Kit ver 4.1.3. So lets get into xmount. And we have a .
Avoiding Atrophy Forensics: May 2014
http://aaforensics.blogspot.com/2014_05_01_archive.html
Computer Forensics using Linux and Freely Available Tools. Saturday, May 10, 2014. The Master File Table - Part 2. We are going to be using the ghex program that we installed in Part 1 and the mft.raw file that was also created in Part 1. I have placed a red box and number next to some important components of this application. Number 1 shows the offset or location (in bytes) that is currently selected. It also shows how many bytes and which bytes we have selected. I am not going to spend any time on this...
Avoiding Atrophy Forensics: July 2015
http://aaforensics.blogspot.com/2015_07_01_archive.html
Computer Forensics using Linux and Freely Available Tools. Thursday, July 30, 2015. Windows Registry and Registry Artifacts. Modifying the registry is a dangerous operation and can very possibly make your system unusable (at least temporarily). This entry is not intended to help you modify a registry but instead help you identify information about how you can use the registry to obtain important information about a Windows based computer. The database is made up of KEYS. An example of a txt. File export ...
TOTAL PAGES IN THIS WEBSITE
7
Linux Sleuthing: Getting Attached: Apple Messaging Attachments
http://linuxsleuthing.blogspot.com/2015/01/getting-attached-apple-messaging.html
Adventures in Linux-based data forensics. Wednesday, January 7, 2015. Getting Attached: Apple Messaging Attachments. The chats.db is found in the users directory in the. Location of chats.db. Library/Messages/ Library/Messages/Attachments Library/Messages/chat.db Library/Messages/chat.db-shm Library/Messages/chat.db-wal. As you can see, message attachments are located in the. Sub-folder. But how are they referenced in the chats.db, and how are they matched to the correct message? Style INTEGER ,. Was ded...
Linux Sleuthing: Calculating Embedded OS X Times
http://linuxsleuthing.blogspot.com/2011/02/calculating-embedded-os-x-times.html
Adventures in Linux-based data forensics. Monday, February 21, 2011. Calculating Embedded OS X Times. I recently examined a Macintosh computer where I needed to look at Internet History. The only installed browser was Safari, and the history was stored in /Users/. Library/Safari/History.plist, an XML file with visit dates in recorded in epoch format. An example of that time is "314335349.7". Mon Feb 21 08:53:57 PST 2011. Date -d "2001-01-01 314335349.7 sec PST". Sat Dec 18 03:22:29 PST 2010. EDIT: When p...
Linux Sleuthing: June 2013
http://linuxsleuthing.blogspot.com/2013_06_01_archive.html
Adventures in Linux-based data forensics. Wednesday, June 19, 2013. SQLite on the Case. It is very common in SQLite databases for integers to represent a deeper meaning than their numeric value. We usually refer to this as a flag. Take the iOS call history.db for example: the call. Table has a column literally called flags. And the integers in that column represent the type of call. Duration INTEGER ,. Flags INTEGER ,. Id INTEGER ,. Assisted INTEGER ,. Face time data BLOB. Pdp ip INTEGER ,. The best reso...
Linux Sleuthing: April 2014
http://linuxsleuthing.blogspot.com/2014_04_01_archive.html
Adventures in Linux-based data forensics. Tuesday, April 22, 2014. Finding Serial Numbers on Locked iPhones. Apple iDevices have their serial number engraved on the back, right? So why the article? Because it's not true of newer devices like the iPhone 5, 5s, and 5c. Also, original cases can be replaced and serial numbers obliterated through unprotected use or deliberate act. Now I have your attention again, I hope. I've written in the past about the libimobiledevice. This will display the last 10 lines ...
Linux Sleuthing: Recovering Data from Deleted SQL records
http://linuxsleuthing.blogspot.com/2011/02/recovering-data-from-deleted-sql.html
Adventures in Linux-based data forensics. Monday, February 21, 2011. Recovering Data from Deleted SQL records. I previously posted about parsing iPhone SMS database. The particular focus was the recovery of deleted messages. I explained there are really two types of deleted messages in play here: records flagged as deleted within the database (thus not really deleted at all) and records deleted from the database itself. I discuss the second type of deleted data recovery here. A database can have it's fre...
Linux Sleuthing: URLs : U R Loaded with Information
http://linuxsleuthing.blogspot.com/2015/02/urls-u-r-loaded-with-information.html
Adventures in Linux-based data forensics. Tuesday, February 24, 2015. URLs : U R Loaded with Information. Consider the following URL:. Https:/ www.google.com/webhp? Most examiners would key in on the domain. And the end of the url,. And conclude this was a Google search for the term "linuxsleuthing", and they’d be right. But is there anything else to be gleaned from the URL? Just what do all those strings and punctuation mean, anyway? What’s in a URL. Http: - Internet surfing. Mailto: - Email operations.
Linux Sleuthing: Code Snippets
http://linuxsleuthing.blogspot.com/p/code-nippets.html
Adventures in Linux-based data forensics. Code snippets and command line gymnastics useful for Linux-based forensics. The unix date command assumes unixepoch and seconds (as opposed to milliseconds, etc) when calculating dates. Date -d @1378937703 Wed Sep 11 15:15:03 PDT 2013. The command above can be interpreted as "There have been 1,378,937,703 seconds between 2013-09-11 15:15:03 PDT and 1970-01-01 00:00:00 UTC. The command is just a shorthand for:. The time stamp in the name attribute is an 8-bit litt...
Linux Sleuthing: February 2014
http://linuxsleuthing.blogspot.com/2014_02_01_archive.html
Adventures in Linux-based data forensics. Wednesday, February 19, 2014. Identifying Owners of Locked Android Devices. Locked Devices are not Always Secure. I’ve learned through much hands-on experience to put a device through a few checks before I give up hope. Is there a bootloader mode? I’ve been surprised to find full access to devices in recovery mode, left wide open by the phone’s distributor. More often I find limited access, and sometimes none. I plugged the device into my PC again, ran. Command r...
Linux Sleuthing: January 2015
http://linuxsleuthing.blogspot.com/2015_01_01_archive.html
Adventures in Linux-based data forensics. Wednesday, January 7, 2015. Getting Attached: Apple Messaging Attachments. The chats.db is found in the users directory in the. Location of chats.db. Library/Messages/ Library/Messages/Attachments Library/Messages/chat.db Library/Messages/chat.db-shm Library/Messages/chat.db-wal. As you can see, message attachments are located in the. Sub-folder. But how are they referenced in the chats.db, and how are they matched to the correct message? Style INTEGER ,. Was ded...
Linux Sleuthing: iOS6 Photo Streams: "Recover" Deleted Camera Roll Photos
http://linuxsleuthing.blogspot.com/2013/05/ios6-photo-streams-recover-deleted.html
Adventures in Linux-based data forensics. Sunday, May 19, 2013. IOS6 Photo Streams: "Recover" Deleted Camera Roll Photos. The dawning of Apple iCloud in 2011, a new service was born: the iCloud Photo Stream. Photo Stream syncs photos taken with an iDevice with other devices registered by the user. The user must have an iCloud account and enable Photo Stream through the. Menu for the service to work. Photo Stream comes in two flavors, if you will: the basic. IDevice with iOS 6.0. IDevice with iOS 5.1.
TOTAL LINKS TO THIS WEBSITE
19
AA Foreign Auto Parts Online - Trust the Top Salvage Yard for Quality Parts | AA Foreign Auto Parts
At the AA Auto facility and our friendly staff. We will treat you with the respect that you deserve, and give you a price you can't refuse! AA Auto Parts Welcome You! Located in North Little Rock, Ark, where we make it easy to salvage car parts. Were a reputable salvage yard that specializes in southern hospitality and used/rebuilt foreign auto parts, especially Toyota and Honda. The AA Auto Parts Difference. Engrossed in a Fixer-Upper? We’ve been helping folks fix up their rides for just shy of th...
AAForeign's blog - AA Auto Parts - Skyrock.com
More options ▼. Subscribe to my blog. Created: 27/01/2014 at 7:08 AM. Updated: 05/06/2014 at 12:30 PM. AA Auto Parts is a leader in Late Model Foreign Car Parts in Arkansas and we shipping nationwide. AA Auto Parts has new arrivals each day available at affordable prices. We offer computerized inventory with daily shipping. Free local delivery! You can now search and purchase our parts online. The Sum is Only as Good as Its Parts: Reliable Used Car Parts for Sale. Source: http:/ www.aaforeign.com...Don't...
Auto Repair | Ooltewah, TN | AA Foreign & Domestic Car Service
Honest and Dependable Work for Over 30 Years. Superior auto service and repair. Get the affordable engine replacement you deserve and get back on the road fast. Our services include cooling system flushes and remanufactured engines. Feel the absolute power our professionals can build back into your vehicle with our superior clutch and transmission services. If you are a Southern Adventist student or McKee employee, take advantage of our 10 percent discount on labor! Transmission repairs and replacement.
AA Foreign Car Repair
SCHEDULE A SERVICE TODAY! Or Call (904) 824-8865. AA Foreign Car Repair 2014. 2203 N Ponce De Leon Blvd St. Augustine, FL 32084. Redesigned and Hosted by Taylored Designs.
Avoiding Atrophy Forensics
Computer Forensics using Linux and Freely Available Tools. Thursday, July 30, 2015. Windows Registry and Registry Artifacts. Modifying the registry is a dangerous operation and can very possibly make your system unusable (at least temporarily). This entry is not intended to help you modify a registry but instead help you identify information about how you can use the registry to obtain important information about a Windows based computer. The database is made up of KEYS. An example of a txt. File export ...
Coming Soon - Future home of something quite cool
Future home of something quite cool. If you're the site owner. To launch this site. If you are a visitor. Please check back soon.
All American Forest Products
Content on this page requires a newer version of Adobe Flash Player. As a forest products marketing and manufacturing company All Ameri Can. Relies on more than 100 years of experience to deliver professional, effective solutions for our customers. Our focus is on developing long term relationships in an effort to supply unique products demanded from niche markets around the globe. Site designed by ITwiz.
Otro sitio web inteligente en desarrollo por ZEWS S.A.
Se especializa en el desarrollo de sitios web inteligentes en Costa Rica. Iquest;Qué es un sitio web inteligente? Rediseño de sitios web. Posicionamiento orgánico en buscadores. Programación de base de datos. Iquest;Quiénes somos? Contáctenos para mayor información, pronto nos comunicaremos con usted.
ASESORÍAAGROPECUARIA Y FORESTAL INTEGRAL, S. C.
INTEGRAL, S. C. 19 Años al Servicio del Sector Forestal y de Medio Ambiente. Av Zaragoza Ote. 92-Bis-4, Col. San Francisquito, Querétaro, Qro. C. P. 76058, Tel. 01 (442) 2 13 06 01, correo: aafinsc@aaforestal.com. ASESORÍA AGROPECUARIA Y FORESTAL INTEGRAL, S. C.
aaforestproducts.com - Registered at Namecheap.com
Welcome to namecheap.com. This domain was recently registered at namecheap.com. The domain owner may currently be creating a great site for this domain. Please check back later! Products and Services from Namecheap. Purchase domain names from just $3.98 per year. You can also transfer domain from another registrar to us for the same competitive price. WhoisGuard Privacy Protection Service. Low Cost 256bit SSL Certificates.
