Digital Forensics Tools: The Ultimate Guide (2024)
Digital forensics tools have improved a lot in the past several years. With these advances, the digital forensics community now has many tool options for each phase of an investigation.
Tag: Featured
All the Action from Magnet User Summit 2023
We couldn’t wait to head back to Music City (Nashville, Tennessee) to catch up with friends old and new and talk about all things Magnet Forensics and DFIR for Magnet User Summit 2023! We had a fantastic series of activities lined up for attendees, including sessions from DFIR Industry experts and opportunities to learn more … Continued
What is MRU (Most Recently Used)?
MRU artifacts, or Most Recently Used are a variety of artifacts tracked by modern Windows operating systems that provide crucial details regarding the user’s interaction with files, folders, and programs that may have been executed using the Windows Run utility. This is fortunate for examiners, because profiling user activity is something digital forensic examiners are often tasked with to corroborate what we believe happened on a computer. It is a method for supporting our theory of the user’s behavior on a system.
Forensic Analysis of MUICache Files in Windows
As examiners, we often find ourselves wanting to know if a program was executed on a system, when it was executed on a system, or if a program or file ever existed on a system.
DFIR: What is Digital Forensics and Incident Response?
Digital Forensics and Incident Response (DFIR), is often used to speak about both the digital forensics and incident response fields—related but separate areas. Let’s delve into what both digital forensics and incident response are and why they are often grouped together.
Digital Evidence Processing: Parsing-Only Processing and Post-Process Carving
Processing evidence sources that contain terabytes of data and hundreds of thousands of artifacts is now a common and sometimes time-consuming process. Magnet AXIOM and Magnet AXIOM Cyber offer you more control over evidence processing by offering the option to process evidence with parsing-only and post-process carving—allowing you to apply the appropriate collection method for the investigation at hand.
AXIOM Cyber 6.2: Email Explorer, VirusTotal Integration and Volatile Artifacts.
Only two months after the release Magnet AXIOM Cyber 6.0, we’ve delivered several new and exciting features in Magnet AXIOM Cyber 6.2, including:
Magnet AXIOM 6.2: Surface Handwritten Documents Automatically
Magnet AXIOM 6.2 is now available, which adds a new Handwriting Classifier in Magnet.AI and improved viewing experiences for key iOS apps, in addition to several new UX enhancements to help you work investigations even easier and faster.
Collecting Google Drive Activity in Magnet AXIOM Cyber
With AXIOM Cyber you can now get even more Google Drive Activity data from Google Workspace thanks to the ability to collect a record of user activity on a Google Drive account.
Magnet AXIOM 6.1: More Evidence from the Outlook App and Google Chrome
Magnet AXIOM 6.1 is now available, helping you automatically surface evidence from even more sources, including the Outlook app, Windows Mail, and Google Chrome.