Category: Digital Forensic

This afternoon I was contacted by a friend who sent me an image file of a flash disk. My friend asked me to analyze the file. The flash disk contains several files, both ones that can still be read and ones that have been deleted. The hint: all of the files, both deleted and not yet deleted, have had their structure deliberately scrambled […]

Now, let's say you received a flash disk as part of a criminal investigation into an act of terrorism. You have no idea of the exact source computer of the flash disk. You have been requested to examine the flash disk, see if you can find some incriminating evidence, and maybe even tie it specifically back to […]

Digital forensics is an investigation for the retrieval and analysis of digital evidence. In general, three main steps, called the three A’s, have been identified in the investigation process: Acquire, Authenticate, and Analyze. These three steps and the final step of Presentation are elaborated upon further in this section. When a suspect drive is obtained from […]

Open source forensics tools that I found on opensourceforensics.org. Some of the applications were installed on my distro, called Stagos FSE. My suggestion: try to use all the applications here, and explore them. Hope you like it. For your information, open source software has been used for years in digital forensic cases around the world. […]

In the UNIX world, dd is usually used to copy a file. In the forensic world, we can use dd as a disk / evidence imaging tool. There are some other tools that are usually used to build an evidence image file, such as EnCase or SafeBack, but again, they are too expensive for us (especially […]