Smack your head with USN Journal: Everything you ever wanted to know about this forensic artifact

Starting with NTFS v3.0 (also known as NTFS 5.0), Microsoft introduced several new features in the file system to make it more robust, reliable and efficient. These included support for disk quotas, EFS, sparse files, reparse points and update sequence number (USN) journaling. While NTFS v3.0 supports all these features, the actual implementation […]


Just a poster on memory forensics

Please click on the link below to download the poster on memory forensics: syn_volatilty


Hubs, Switches and Routers

Basic difference. Hubs: Hubs, also known as repeaters, are network devices that can operate on layer 1 (i.e. the physical layer) to connect network devices for communication. Hubs cannot process layer-2 or layer-3 traffic. Layer 2 deals with hardware addresses and layer 3 deals with logical (IP) addresses. So, hubs cannot process information based on MAC or […]


Information Security FAQ

What is NAT and how does it work? NAT is the abbreviation for Network Address Translator. Private IP addresses are not globally recognized and should never be used on the internet; they are intended for internal use in isolated networks, such as LANs, without internet access. However, private addresses can be used […]


Nmap Basics

Explore the network with Nmap. Nmap is a tool for port scanning the internet. A port is the point of admission, physical or logical, of a connection through which transfers between files are made. Nmap has infinite utility; we think you will find most vulnerabilities with this small but great tool. To give […]


Microsoft – Snake biting its own tail

How important is it to have an update properly tested before releasing it? Microsoft probably overlooked this while releasing the patch (KB 2756920) on 8th of January 2013. The patch was released to rectify the vulnerability that existed in .NET Framework 3.5.1 as mentioned at This vulnerability allowed the attacker to raise the privilege level (Privilege […]


Volume Shadow Copy as an aid to forensic investigations

While conducting forensic examinations I have come across several instances where a record of past activity on the system proved helpful. Volume Shadow Copy forensics is one of them. What is Volume Shadow Copy Service (VSS): Also known as Volume Snapshot Service, the feature was introduced with Windows XP. The idea was to create a backup […]

Living in past glory

Living in the past glory

    "Hello sir! Good noon," I said as I entered the office of this gentleman. He had been one of my ideals and I do admire him for his thinking process, cool-headedness, ways of handling business and knowledge. Mr. Praful Mehta owns a business that spreads across 3 states and deals in heavy […]

Internet Forensics

Internet forensics judgment: An analysis of options available for better judgment

Shri. This morning when I checked my alerts from Google I found something of technical interest. This was a case decided by the judiciary in favor of the convict that had resulted in mass criticism, with the media even shouting that the New York Court of Appeals rules that looking at child pornography is not a […]


Dangers of Wireless: A note on Indian Scenario

Shri. It's long since I have actually written anything. Rather, I must say I had been feeling incapable of writing quality stuff and this had been putting me on hold. Lately I have been in touch with a person who is struggling with a cancerous brain tumor. My interaction with him encouraged me to dive deep into […]
