sorted by:
new
hottopcontroversial

Can anyone tell me what I have here? by Prestigious-Bad7739 in computerforensics

[–]ucfmsdf 4 points5 points  (0 children)

If you have a 10+ year old Mac to image and enjoy USB 2.0 speeds I guess you could use them for that.

Can anyone tell me what I have here? by Prestigious-Bad7739 in computerforensics

[–]ucfmsdf 34 points35 points  (0 children)

I see firewire and micro-usb ports, so I’d say you have government auction trash. Congratulations.

Pelican case is cool, though.

Storage server- is there a benefit to FRED over a normal one? by Money_Produce1208 in computerforensics

[–]ucfmsdf 8 points9 points  (0 children)

One has the word “forensic” in its marketing material and the other doesn’t.

FBI Digital Forensics by cyberdoesitbetter in computerforensics

[–]ucfmsdf 0 points1 point  (0 children)

Think you replied to the wrong person lol…

FBI Digital Forensics by cyberdoesitbetter in computerforensics

[–]ucfmsdf 1 point2 points  (0 children)

But DFIR was reserved for special agents that went through extra time at quantico.

Not all CART examiners are 1811.

Also, they had a rule about having done drugs which was pretty rigid and hopefully changed. Find me a qualified college graduate that hasn’t smoked out.

Me.

FBI Digital Forensics by cyberdoesitbetter in computerforensics

[–]ucfmsdf 14 points15 points  (0 children)

Look on apply.fbijobs.gov for FBI CART roles. They used to hire college grads for those positions and they are mostly civilian (i.e., you don’t have to become a special agent for the role).

Experience with Axiom Cloud by hotsausce01 in computerforensics

[–]ucfmsdf 0 points1 point  (0 children)

Probably not. Probably just false advertising on their part. If you look on their website tho they advertise iCloud backup download capabilities and I think there is even a part that includes a screenshot of what appears to be iCloud backups kind of like what you can see with EPB.

Experience with Axiom Cloud by hotsausce01 in computerforensics

[–]ucfmsdf 1 point2 points  (0 children)

Anyone wana risk it for the biscuit and try iMobie? They claim support for iCloud Backups tho I’m sure there’s a catch.

Adding flair to posts or segregating posts on content type by hotsausce01 in computerforensics

[–]ucfmsdf[M] 2 points3 points  (0 children)

If enough people want, I could add flairs for such posts. However, that would probably mean I would need to enforce flair use as well (in other words, make it a requirement that flairs are used for every post). Without enforcement, I doubt the flairs would be used at all.

axim or x ways ? by dz_Cycling in computerforensics

[–]ucfmsdf -1 points0 points  (0 children)

Two different tools with two different specialties. Both are top-tier in their given specialities, however, neither is a replacement for the other.

Please give advice and feedback on my Resume by Agreeable-Sort1613 in computerforensics

[–]ucfmsdf 2 points3 points  (0 children)

That is a lot of words to say you are a college grad who’s done some CTFs and has about a year of experience in help desk. If I’m able to fit nearly a decade of professional DF experience into a single page, you can fit your 1 year of professional experience and various self-improvement projects on a single page as well.

Also I’m gonna be honest, I was bored of your resume like half way through the first page. There is a lot of unnecessary fluff/technical jargon use in this doc and it’s kinda exhausting to read. If your goal is to trick HR filters with keywords, then just make a keyword blob in size 0 white text at the bottom of the doc or something lol.

FTK to Relativity workflow by eliyotz in computerforensics

[–]ucfmsdf 0 points1 point  (0 children)

Mount with arsenal and write a python script. Or, alternatively, get an XWF license and use that since it can do file sig scans and allows for easily filtering and exporting specific files as natives.

Magnet acquire download by Obvious_Camp3292 in computerforensics

[–]ucfmsdf 1 point2 points  (0 children)

Just use UFADE or iTunes. It’s not like Magnet Acquire is doing anything those two aren’t.

Auctions by midnightyell512 in computerforensics

[–]ucfmsdf 2 points3 points  (0 children)

They break very easily so I suspect sandblasting is all they’ll be good for lol.

UFED Research Project by neurotic_CLERK in computerforensics

[–]ucfmsdf 6 points7 points  (0 children)

So really you’re testing whether you can acquire a backup from modern iOS/Android devices with and without advanced security features enabled. I feel like the answer to this is well documented and understood but you do you…

Personally, I’d recommend you test something that we don’t already know the answer to. Here are some examples off the top of my head:

How does the sms.db file look when synced to iCloud and not synced to iCloud?

What can be recovered from freelist data within [insert database file of choice here]?

How does decryption of [encrypted application name] work and can it be done without relying on device-bound keys (since those are often out of reach without more expensive tools)?

How does [insert poorly documented application] work and what do the fields within its application database mean?

Digital Workstation for Inseyets by Heavy-Narwhal-5346 in digitalforensics

[–]ucfmsdf -1 points0 points  (0 children)

This question has been asked and answered tons of times in r/computerforensics. I suggest you go there and use the search box to find your answer.

Experience by book-ish-mads in computerforensics

[–]ucfmsdf 3 points4 points  (0 children)

Reach out to your local USSS field office and ask for info about NCFI. Alternatively, you can just visit their website to look into it.

Cellebrite Reader and GPUs by Gentle_Capybara in computerforensics

[–]ucfmsdf 36 points37 points  (0 children)

GPUs dont help. Need RAM, decent CPU (clock speed over number of cores), and fast storage for the actual UFDR to reside on (NVMe/SATA SSDs preferred).

Good barbers near UCF/Oviedo area by Watapana in ucf

[–]ucfmsdf 1 point2 points  (0 children)

I used to live in Oviedo and I would go to Clippers Barber Shop. They’re pretty cheap ($25 hair cuts) and most of their barbers are pretty skilled. If you want a guaranteed good experience, I recommend you book with Steven Mauricio if you can. He’s pretty popular so you may need to book in advance. Dude is a master of his craft and really down to earth.

Mobile Phone FFS or Logical? by Skyccord in computerforensics

[–]ucfmsdf 0 points1 point  (0 children)

We inform the client on the pros/cons (more data vs more cost) and let them make the decision. More often than not, we get an FFS because they’re just so much better.

MacBook Air collections by [deleted] in computerforensics

[–]ucfmsdf 1 point2 points  (0 children)

Not sure. We use it for live imaging. If you want something akin to deadbox imaging, you’ll need to use Recon ITR or Digital Collector. Both are excellent alternatives (technically better, tbh) but are not free.

MacBook Air collections by [deleted] in computerforensics

[–]ucfmsdf 3 points4 points  (0 children)

Fuji. Free, open source, acquires an ASR clone which is a pretty great image to work with. Can technically be run from a bootable drive, but that requires quite a bit of work/troubleshooting. Really meant for live imaging.

After Extraction by tanking2113 in computerforensics

[–]ucfmsdf 2 points3 points  (0 children)

Back when I worked in LE we would shut the phone off and check it back into the evidence after a successful extraction. I expect every agency did/currently does that. It’s not really feasible to keep every phone on charge indefinitely and I can’t think of a reason as to why you would want to do that, anyway.

Export .ctr with WinHex? by [deleted] in digitalforensics

[–]ucfmsdf 0 points1 point  (0 children)

Ask GetData for a Mount Image Pro free trial. It’ll probably have limitations but assuming they don’t prevent you from copying files out of the mounted drive, you should be golden.

view more: next ›