Find File Signatures within a Hex File

In attempting to learn Python, I’ve been trying to find any reason to implement the language into any project I could think of. I thought it would be a great learning experience to incorporate Python...

Implications of Full Volume Encryption

Full Volume Encryption (FVE) is the process of encrypting a partition on a physical drive. This approach to encryption is slightly different from Full Disk Encryption (FDK) that encrypts the entire disk, including any and...

Procedures/Protocols Within a Digital Forensics Lab

SOP: The responsibility of a digital forensics lab is to take in requests to scientifically analyze pieces of digital media and in turn provide empirical and objective reporting based on the findings from those examinations....

Thoughts on Capturing Memory on a Live Machine

When performing an acquisition of a live machine, an examiner has the opportunity obtain information relating to the current state of the system by way of creating an image of physical memory. This would not...