Abhiram KumarDeep深入Windows诊断数据；遥测（EventTranscript.db）-第2部分Ahmed Kamal ElmagrabyWindows注册表分析欺骗表David Spreadborough在AmpedCCTV收购系列摘要Andrew Skatoff在“DFIR TNT”RMM的Andrew Skatoff–行动1：客户端证据Cado安全为什么CIRA都是云事件响应的支持者？分析AWS Nitro[…]

Abhiram KumarDeep深入Windows诊断数据和遥测（EventTranscript.db）–第1部分David Spreadborough在DFRWSDFRWS 2023 Challenge Forensafe收购Bhargav Rathod后在AmpedViewing CCTV上调查Android Skype Harlan Carvey在HuntressGone Phishing：对目标用户攻击的分析Joshua Hickman在“Binary Hick”Android&AirTags（第二部分）Justin De Luna在[…]

ADF解决方案如何使用移动设备调查员Belkasoft扫描移动设备如何使用Belkashoft X Cloudbrothers分析KnowledgeC.db其他Entra ID/Azure AD登录错误预防调查安卓Aqua邮件Justin De Luna在“DFIR Spot”LNK to The Past：利用LNK文件进行调查Lorena Carthy-WilmotVipps应用程序-法医Lucid Truth Technologies法医分析师可以[…]

AmpedThe Creation of Master and Working Copies after CCTV Acquisition Andrew Skatoff at‘DFIR TNT’RMM–Xeox：at&T CybersecurityRAM dump:Understanding its importance and the process Cellebrite Underviewing the Modern Approach to Digital Investigation through Remote Collection of Android andWorkplace应用程序Derek EiriDisk Toggling，验证WinFE Geraldine Blay和[…]