Video: Computer Forensic & Investigation

A computer forensics professional explains the basics of computer forensics, how data is recovered from people’s computers and what challenges they face.

This is only an introduction to what computer a forensic expert does, recommended for begginers.

Metasploit Anti-Forensic Investigation Arsenal (MAFIA)

These are high level antiforensic tools, not to be used by little girls, you will need a good understanding of computers to know what you are doing:

1- Timestomp – First ever tool that allows you to modify all four NTFS timestamp values: modified, accessed, created, and entry modified.

2- Slacker – First ever tool that allows you to hide files within the slack space of the NTFS file system.

3- Sam Juicer – A Meterpreter module that dumps the hashes from the SAM, but does it without ever hitting disk.

These are not new tools, they have been around for a couple of years already and they are still as useful as when they came out. You can download them at Metasploit website, a highly reccomended place for all those interested in antiforensics.

The next time your laptop gets seized at the border because the Customs Officer  did not get his usual bribe, or got pissed off that your wife hooters are bigger than his dwarfed and rusty piece of flesh he calls wife at home. Make sure the corrupt officers get to confiscate a full encrypted laptop and a thumbdrive UNENCRYPTED with all file timestamps changed to 20th April, 1889, a date they will be familiar with, as that is when Hitler was born.

http://www.metasploit.net/research/projects/antiforensics/

Video: Using eraser to delete files for good

This is mainly a video for begginers, just some introduction on why you should use a secure data wiper to delete files in your computer.

A computer user shows you on screen how to use Eraser to safely wipe documents and making them vanish for good.

Eraser is one of my favourite tools to destroy data, free and open source.

http://sourceforge.net/projects/eraser/

Interview with a computer forensics expert

I thought this was a cool interview, if you already know about computer forensics you may find you will not learn anyting new here, but I really reccomend to listen to the interview to begginers who have no clue what a computer forensics expert does.

One day it may be one of the bad guys who takes your computer away, you better know what they do before your private computer life becomes an open book. You may also want to look at the other posts I have tagged with computer forensics.

Video: Computer Forensics – What happens when you delete a file?

Computer Forensics Expert Steve Burgess explains what’s left over when a file is deleted, and what happens when it is created.

Video: SANS course Security 508, Computer Forensics, Investigation and Response.

Video explaining the computer forensics procedure to follow during evidence adquisition.