2015年9月25日

Threatening letter in Naver Line App

摘要: A suspect sent a threatening letter in Naver Line App to Richman, and said that he wanted those money wired to a specified account "3398-239775-07". R... 阅读全文

posted @ 2015-09-25 15:00 Pieces0310 阅读(349) 评论(0) 推荐(0) 编辑

2015年9月22日

Android Malware Analysis

摘要: A friend of mine asked me help him to examine his Android 5.0 smartphone. He did not say what's wrong with his phone, and he just wonder why his wife ... 阅读全文

posted @ 2015-09-22 22:55 Pieces0310 阅读(638) 评论(0) 推荐(0) 编辑

2015年9月20日

MITM to crack Https connections

摘要: Everybody knows that https is http over SSL, and https is a secure way for protecting confidential data like bank account/password ,etc. Now I'd to sh... 阅读全文

posted @ 2015-09-20 16:47 Pieces0310 阅读(426) 评论(0) 推荐(0) 编辑

2015年9月7日

EnCase v.s. FTK - find out Chinese characters writing in different direction

摘要: A friend of mine said to me that she could fool those forensic tools easily by changing writing direction in text. I said to her: "Really? Are you sur... 阅读全文

posted @ 2015-09-07 22:51 Pieces0310 阅读(567) 评论(0) 推荐(0) 编辑

2015年8月30日

Does FTK index search support regular expression?

摘要: Some of my friends ask me a question: "Does FTK index search support regular expression?" They just participated in FTK Bootcamp last month, and they'... 阅读全文

posted @ 2015-08-30 19:47 Pieces0310 阅读(932) 评论(0) 推荐(0) 编辑

2015年8月27日

App Naver Line 5.3 add new features - "True Delete"

摘要: Line is getting more and more popular in recent years. Lots of peope use Line, so do "Suspects". That's why we have to keep an eye on it if any new fe... 阅读全文

posted @ 2015-08-27 11:53 Pieces0310 阅读(412) 评论(0) 推荐(0) 编辑

2015年8月15日

Known plaintext attack

摘要: When you find a ZIP/RAR file with password protected in the evidence, you may try dictionary attack or bruteforce attack or Rainbow talbes... Usually ... 阅读全文

posted @ 2015-08-15 16:55 Pieces0310 阅读(1563) 评论(0) 推荐(0) 编辑

2015年8月13日

Heavily reliance on forensic tools is risky

摘要: We could take advantage of forensic tools to examine and analyze the evidence, but heavily reliance on forensic tools is risky. It's us that determine... 阅读全文

posted @ 2015-08-13 16:52 Pieces0310 阅读(334) 评论(0) 推荐(0) 编辑

2015年8月11日

Belkasoft Evidence Center could handle Chinese characters well

摘要: I've been using Belkasoft Evidence Center for a very long time. It could handle Chinese characters well, so I don't have to waste time decoding... 阅读全文

posted @ 2015-08-11 11:15 Pieces0310 阅读(307) 评论(0) 推荐(0) 编辑

2015年8月10日

IEF could not decode Chinese character in IE history well

摘要: My friend is working on some case, and she looks not in the mood. I ask her what's going on. She wants me to look at the screenshot as below. That's w... 阅读全文

posted @ 2015-08-10 23:04 Pieces0310 阅读(345) 评论(0) 推荐(0) 编辑

Copyright © 2024 Pieces0310
Powered by .NET 8.0 on Kubernetes