Everything Digital Forensics - From Certifications to Lab Setup

Подписаться 16 тыс.

Просмотров 7 тыс.

50% 1

Ever wondered about how to get into digital forensics? Want to know the tools we use? This is the video for you. This is my 5 part series condensed into a single long video.
Timecode:
0:00 CBC Piece
0:40 Introduction
2:29 Certifications
9:41 Software - Other tools
15:16 Word of warning
17:47 Part 2
18:14 Forensic Systems I use
19:45 Whats on my desks
23:52 Imagers
24:52 Soldering Bench
25:40 LFB and IR Rework
26:17 Final words for part 2
29:04 Part 3 - Court appearancees
37:26 Report writing
40:38 Part 4 - Free tools
41:27 My fav two free tools
41:53 Caine
45:20 Paladin Edge
46:10 Making Paladin USB
47:45 Using Paladin + My own solution
57:13 Part 5 - More free tools
58:21 Bulk Extractor
59:29 EZ Tools
1:00:22 NitSoft tools
1:01:27 FTK
1:02:02 Magnet Tools
1:03:39 Volatility
1:03:50 mac_apt
1:04:21 XMount
1:04:36 Agent Ransack
1:05:09 MITEC Tools
1:06:45 Digital Detective Tools
1:07:58 OSF Mount
1:09:02 Final Words
Do you need data recovery? Do you want to be featured in one of my videos? Contact me via email info@datarescuelabs.com
-------------------------------------------------------------------------------------
TikTok: / forensicguy
Instagram: / datarescuelabs.inc
Facebook: / datarescuelabs
-------------------------------------------------------------------------------------
Some of the tools that we use:
ruSolut Monolith adapter
ruSolut eMMC Adapters
ruSolut TSOP adapter
ruSolut Visual Nand Reconstructor
FlashExtractor
Z3X EasyJtag + UFS
JBC NANO
Hakko Soldering Iron FM-203
Hakko Rework Station 810B
Quick 8610W Rework Station
ACHI IR6500 BGA Station
PC-3000 UDMA
PC-3000 Portable III +SSD and nVMe
DeepSpar 3
DeepSpar 4
DeepSpar DPI PCI-E NVME Addon
DeepSpar Forensic Addon
DeepSpar Network Addon
ZXW Tools
Adobe Premiere CC
Adobe Photoshop CC
Camtasia Studio
Cellebrite UFED (Latest Version)
MSAB XRY
Magnet Forensics IEF
Magnet Axiom
X-Ways
FTK Imager
Various Linux Distros
-------------------------------------------------------------------------------------
Music:
Kupla - Droplet chll.to/372fe45c
-------------------------------------------------------------------------------------
Stock footage:
Video by cottonbro from Pexels
Video by MrColo from Pexels
Video by cottonbro from Pexels
Video by Paice Street from Pexels
Video by Sora Shimazaki from Pexels
Video by Ron Lach from Pexels
Video by Pressmaster from Pexels
-------------------------------------------------------------------------------------
All graphics created by Data Rescue Labs
Need data recovery service? Forensic service?
Contact us today info@datarescuelabs.com
Data Rescue Labs Inc
145 Traders Blvd East Unit 8
Mississauga, Ontario
L4Z 3L3
Canada
Copyright (c) Data Rescue Labs Inc 2021
1-877-681-4131
www.datarescuelabs.com
#digitalforensics #DFIR #forensics

Наука

Опубликовано:

29 июн 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 51

@CustomComputing Год назад

what a great surprise a new video!!! happy new year! and thanks again for the help this year!

@forensicguy Год назад

You too!

@ahmadalkaabi2692 Год назад

Thank you, This was very informative.

@cocobongo268 Год назад

Absolutely informative and straightforward to the main goals. Amazing video, my dear friend. By the way, my best wishes for his new coming year. :)

@forensicguy Год назад

Thank you! This is my 5 part video series from 2021 that I condensed into single 1 hour video. Have a happy new year my friend!

@batmanasdasd Год назад

omg tysm what an awesome video

@kevinx2381 Год назад

Hi I have watched some of your older videos, very informative and honest. Thanks for spilling the beans on all the con artists out there regarding recovering data and bogus software. It seem people just want to have our pants down and make money. Keep up the good work, We need more honest people in the world like you. Best Regards Kevin

@cocobongo268 Год назад

My dear friend. Have a nice year, full of work and good health. My best regards. As always, thanks for sharing knowledge and make this world a better place. :)

@forensicguy Год назад

Thank you!!

@bobmorton4633 Год назад

Well, good information. Things have come a long way in the last 15 years since I got out of forensics. Although I am not certified like you, nor did I have all the gear you have, I did do a lot of data recovery for a few shops. Encase was nice back in the day. Are you open to the public to do some chip repairs? Or open to giving some advice on equipment for pulling data off of a damaged chip?

@sir9270 9 месяцев назад

What are your thoughts on GIAC certs geared towards Digital Forensics? Such as GCFA or GCFE? Are they compatible to positions like yours in the field? Also you mentioned about running your own digital forensics company, how does that work legally? Is that more geared towards consulting for private and government companies?

@Gksec-lr7xg 7 месяцев назад

Now for the most important question, how do you make your tea? I can't seem to make green tea taste good. 😂

@forensicguy 3 месяца назад

plain!

@honeybadger1427 Год назад

Hi. You summarized the DF master's degree program I'm finishing this Spring semester in one long video. Have you done discovery work for a civil case?

@forensicguy Год назад

Glad my video was helpful! I do mostly civil work. How long was your program?

@honeybadger1427 Год назад

@@forensicguy 2 years. However, in some cases I learned more from you than from some of the professors from the program. One of my classes this semester was about eDiscovery for the DFE. So I was wondering how much eDiscovery works a real DFE does?

@jolt06 Год назад

found your video while looking for help with aa job interview prep for Digital forensics. I'm literally on my last semester of my masters in Cyber security digital forensics. I really want to be in this field of work.

@vdej01 9 месяцев назад

How has the job hunt been? Are you settled now?

@jolt06 9 месяцев назад

@@vdej01 I was able to get a job as a pentester.

@vdej01 9 месяцев назад

@jolt06 Congrats on the journey ahead! I have an engineering background but exploring what opportunities are inforensics

@Josh-lv6jz Год назад

What metadata can be recovered if any at all from cached images in apples photo gallery photo picker?

@HalifaxComputersRepair Год назад

oh yeah and the rcmp is your best friend because no matter what price you give them they will pay the full price , i know because i deal with the rcmp customers as well , they pay handsomely , there your best customers , i did find you right away .... Merry christmas and happy new year lol

@forensicguy Год назад

Law enforcement definitely pays but they have a limit how much they will pay

@assmonkey9202 11 месяцев назад

Would be super interested to see a video of you doing recovery from a gpixel running graphene👀

@Fizbun Год назад

Hey, have you ever used Datapilot 10 device or heard about it? How would a phone extraction compare to UFED?

@forensicguy Год назад

I was given a live demo last year. It’s different than UFED. It’s more for live data acquisition especially for 3rd party apps. They have a screen recording feature that can automatically capture apps otherwise not supported by most forensic tools. It would be more useful for law enforcement in the field that just need a quick or very specific collection.

@Fizbun Год назад

@@forensicguy I would agree that it seems more useful for someone on the field/scene. Usually in the lab you have more powerful tools or even just computer. Maybe useful in situations like in Ukraine where your lab is not usable due to it being in constant danger. Having a "mobile lab" seems the next best thing in that case. I also realized that these devices are 4+ years old. It also has a micro-USB port and I wonder how much of a hindrance that would be if compared to like a USB-C port. Ideally I'd like it to have two USB-C ports and a proper SSD (instead of SD-card).

@Litehamer 10 месяцев назад

Hi . Thank you for the video. I’ve been in law enforcement for almost 20 years and am considering a move to digital forensics. A small company has offered me a job an a great deal of cellebrite training . I’m really interested but wonder if it’s too vendor specific. I’ve used XRY and been exposed to cellbrite reader but worry it my be too limited. Any thoughts appreciated.

@forensicguy 3 месяца назад

I had XRY.. after update to v7 I HATED IT and never renewed it. I prefer cellebrite over anything

@ToomsDotDk Год назад

Another good free tool that i think you missing. Arsenal Image Mounter from Arsenal Recon, There is an free version and an payed version there can boot E01 files and auto unlock the the login. Note, i do not work for Arsenal.

@forensicguy Год назад

Is it the same as OSF mount? It sounds familiar. Thanks for bringing it up. I definitely missed many great tools.

@ToomsDotDk Год назад

@@forensicguy yes it is an tool for mainly mounting images but it can alot more, like it mounts the images as "real scsi disk" so windows see them as real hardware and there for volume shadow copy works. i have the payed version and find the many function very very use full

@TotalTech2. Год назад

How would you go about getting into a career in mobile forensics?

@forensicguy Год назад

Same idea

@TotalTech2. Год назад

@@forensicguy Sorry what do you mean? What is the first step into getting started in digital forensics? What cert should I start with?

@mrperson88 3 месяца назад

What is the cost of the CCE exam?

@forensicguy 2 месяца назад

ISFCE is going through restructuring at the moment, you might want to look into other certs for now until they are back on their feet. The CCE cert is still valid and I was just recertified this month, but I am not sure if they are taking on new members at the moment.