4N6 AS A SERVICE

Forensic Science

Forensics, or forensic science, is the application of scientific methods to resolve or shed light on legal issues. It has a number of subdivisions; forensic medicine involves the examination of the human body (living or dead) for purposes of answering legal questions or gathering evidence for a criminal or civil action. Forensic accounting involves the examination of financial records for the same purpose. And computer forensics, as the name indicates, involves the examination of computer systems and data for legal purposes.

What is Cyber Forensics?

Cyber forensics is the scientific process of identification, seizure, acquisition, authentication, analysis, documentation and preservation of digital evidence.

There are multiple definitions, but the core is the same:

  • Scientific answers to legal questions.
  • A field of electronic investigation that seeks to identify the content and activity of a digital device, and where possible the intent of the user.
  • Science for the examination and analysis of digital trace evidence.
  • A scientific discipline that combines standards, law and computer science for analysis and reporting that should be accepted by a court of law or any legal.

Overview of Digital Forensics : https://d3pakblog.wordpress.com/2017/01/02/overview-of-digital-forensics/

Cyber Forensics Cases:

  • Intellectual Property Theft cases (Agricultural, Designing, aviation, e-commerce)
  • Banking Financial Fraud, Suspicious fraud transaction
  • Money Laundering
  • Smartphone Social Media
  • Online Fraud and Forgery
  • Derogatory, defamatory comments/blogs
  • Ransomware cases
  • Email cases
  • CCTV, Data Recovery cases
  • Cyber Crime

What is a computer forensics investigator?

Computer forensics investigators, also known as computer forensics specialists or analysts, are experts in recovering material from computers and other electronic storage devices, particularly when the data has been corrupted or deleted. These specialists work within the law enforcement industry and apply their skills to investigations, attempting to recover information that can be used as evidence in civil and criminal trials. Computer forensics investigators must record the data retrieval process, and may be required to present their findings during the trial.

What qualifications does it require?

There are several ways to go about becoming a computer forensics investigator. It is recommended that anyone interested in this IT career path earn a computer science degree and undergo law enforcement training or earn experience in the field. Some law enforcement agencies may also have their own computer forensics investigator training programs. Either way, specialists must develop an extensive amount of computer science, IT security and operating systems expertise. The basics are very important: networking, cyber security and hacking.

List of Some Forensic tools

Forensic Imaging:

  • Tableau TD3
  • Digital Intelligence UltraBlock
  • Solo-4
  • Logicube Falcon
  • FTK Imager

Composite Tools:

  • EnCase
  • FTK
  • UFED
  • Oxygen
  • Magnet AXIOM
  • Belkasoft
  • Autopsy
  • CDAC (CyberCheck, FRAT)

Mobile:

  • UFED Cellebrite touch/4pc
  • UFED Physical Analyzer
  • Oxygen
  • CellDek Logicube
  • MPE+
  • Axiom
  • Belkasoft
  • EnCase Smartphone
  • fone
  • MOBILedit
  • Paraben

Image:

  • Adroit Photo
  • EnCase
  • FTK
  • R-Studio
  • PhotoRec

Email:

  • MailXaminer
  • Paraben E-mail Examiner

Password:

  • Tableau password recovery
  • Elcomsoft
  • Passware
  • PRTK
  • Hashcat

Open Source:

  • OSINT
  • Nirsoft
  • Woanware
  • Linux Distros (Caine, Kali, Parrot, SIFT, Deft)
  • Wireshark
  • Volatility
  • DFF
  • Autopsy

Data Recovery:

  • Recuva
  • Stellar
  • R-tools
  • File Scavenger
  • PC-3000

For complete list of tools : https://d3pakblog.wordpress.com/2016/12/27/computer-forensic-tools/

Open Source and VAPT Tools : https://d3pakblog.wordpress.com/2016/12/27/open-source-vapt-dfir-tools/

Glossary in short

COMPUTER FORENSICS

Collection, analysis & presentation of Electronically Stored Information (ESI) from computers for the purpose of presentation as evidence in legal or other proceedings.

CLOUD COMPUTING/THE CLOUD

Cloud computing refers to the delivery of computing as a service rather than a range of products. Resources, software and information are delivered to computers and other devices via the internet. Users access cloud-based applications by logging in via a web browser, lightweight desktop app or mobile app, while the software and data are stored on remote servers.

Digital forensics is possible with data contained in ‘the cloud’; however, encryption can present barriers.

DIGITAL FORENSICS

An umbrella term referring to forensics involving digital devices, including computer and network forensics. Refers to the evolution of computers into networks, mobile phones, PDA, GPS, etc.

FORENSIC IMAGE

An exact copy of a storage device.

FORENSIC ACQUISITION

The act of attaining a forensic image of a device.

E-DISCOVERY / E-DISCLOSURE

The discovery and disclosure of information stored in electronic form, for the purpose of obtaining evidence.

ELECTRONICALLY STORED INFORMATION / ESI

Any information created or stored on an electronic device, including: word processing documents, emails, voice messages, SMS, accounting ledgers, databases, etc.

NETWORK FORENSICS

Collection, analysis & presentation of digital communications between digital devices, such as computers, mobile phones, etc., for the purpose of presentation as evidence in legal or other proceedings.

PHONE FORENSICS

Collection, analysis & presentation of Electronically Stored Information (ESI) from mobile and smart phones for the purpose of presentation as evidence in legal or other proceedings.

USB DRIVE

Storage using the Universal Serial Bus, the standard for attaching digital devices to computers, often used for external storage of ESI. Also known as “Thumb Drive”, “Pen Drive” or “Flash Drive”.

For complete detailed list : https://d3pakblog.wordpress.com/2017/01/24/glossary-computer-email-forensics

DFIR Resources : https://d3pakblog.wordpress.com/2017/01/13/dfir-resources/
