If you’ve ever done Linux memory forensics, you know the frustration: without debug symbols that match the exact kernel version, you’re stuck. These symbols aren’t typically installed on production ...

The old saying is if your data isn’t backed up at least twice, it’s not backed up at all. For those not wise enough to heed this adage, there are a number of options available to you if you wish your ...

Computer sleuths interested in running forensic PC operations on a Linux machines should take a look at an open source tool called Foremost. Computer sleuths interested in running forensic PC ...

Plenty of utilities can recover deleted files, but what if you can't boot your computer, or the whole drive has been formatted? Here's how to dig deep and recover the most elusive deleted files, or ...

This excerpt from Chapter 5 of File System Forensic Analysis is posted with permission from Addison-Wesley Professional. The last chapter provided an overview of volume analysis and why it’s important ...

Australian university students have developed a Linux-based data forensics tool to help police churn through a growing backlog of computer-related criminal investigations. The tool was developed by ...

MOUNTAIN VIEW, Calif., Dec. 4, 2014 /PRNewswire-USNewswire/ — Passware, Inc., a provider of password recovery, decryption, and electronic evidence discovery ...

You have just been presented with a daunting task: Here are several gigabytes of log files; let us know if they can tell you anything. OK, where do you start? Luckily there are a few free tools that ...