Wireless Forensics



New directions in research have led to fundamental design changes in Wi-Fi technologies, networks, and services. These innovative advances have led to a prolific growth in wireless network computer crimes. As a result, forensic investigators are faced with future challenges associated with consumer’s hunger for high energy consumption, in addition to, issues regarding limited spectrum bandwidth. Continue reading

Computer Memory Forensics


Memory forensics is the science of analyzing computer memory, both volatile and non-volatile that reveals a vast array of analytical points in regards to the state of which the machine was in during memory image acquisition. Memory forensics is paramount to the analyses of volatile memory of a computer system, which contains numerous artifacts that may prove to be useful during a digital forensics investigation.

Continue reading

USB Forensics


The proliferation of USB devices not only is an added convenience to users but also a hindrance to network and information security and as a result can be used for nefarious purposes. This is why having the ability to examine USB device history and files are critical to digital forensic investigations. This assignment will walk through the basic forensic examination process of how to examine USB drive artifacts.   Continue reading

Incident Response Security Scripting for Windows and Linux systems


Windows IR Scripting

Below is the IR Script that I produced for Windows systems. The test machine was Windows 2016 Core running inside of VMware Fusion 8. I’ve included some tools for the most commonly requested information. As an incident handler, I believe it is better to use the least complicated tools possibly to get the job done, therefore, avoiding unnecessary complications that run the risk of jeopardizing an incident response investigation. Batch scripting is also within my comfort zone. Another benefit of batch scripting is that they require the least amount of time to prepare and have proven to be very reliable across multiple operating system distributions.

Continue reading