Forensic Science

Forensics, or forensic science, is the application of scientific methods to resolve or shed light on legal issues. It has a number of subdivisions; forensic medicine involves the examination of the human body (living or dead) for purposes of answering legal questions or gathering evidence for a criminal or civil action. Forensic accounting involves the examination of financial records for the same purpose. And computer forensics, as the name indicates, involves the examination of computer systems and data for legal purposes.

What is Cyber Forensics?

Cyber forensics is the scientific process of identification, seizure, acquisition, authentication, analysis, documentation and preservation of digital evidence.

There are multiple definitions, but the core is the same:

  • Scientific answers to legal questions.
  • A field of electronic investigation that seeks to identify the content and activity of a digital device, and where possible the intent of the user.
  • Science for the examination and analysis of digital trace evidence.
  • A scientific discipline that combines standards, law and computer science to produce analysis and reporting that should be accepted by a court of law or under any law.

Overview of Digital Forensics: https://d3pakblog.wordpress.com/2017/01/02/overview-of-digital-forensics/

Cyber Forensics Cases:

  • Intellectual Property Theft cases (Agricultural, Designing, aviation, e-commerce)
  • Banking Financial Fraud, Suspicious fraud transaction
  • Money Laundering
  • Smartphone Social Media
  • Online Fraud and Forgery
  • Derogatory, defamatory comments/blogs
  • Ransomware cases
  • Email cases
  • CCTV, Data Recovery cases
  • Cyber Crime

What is a computer forensics investigator?

Computer forensics investigators, also known as computer forensics specialists or analysts, are experts in recovering material from computers and other electronic storage devices, particularly when the data has been corrupted or deleted. These specialists work within the law enforcement industry and apply their skills to investigations, attempting to recover information that can be used as evidence in civil and criminal trials. Computer forensics investigators must record the data retrieval process and may be required to present their findings during the trial.

What qualifications does it require?

There are several ways to go about becoming a computer forensics investigator. It is recommended that anyone interested in this IT career path earn a computer science degree and undergo law enforcement training or gain experience in the field. Some law enforcement agencies may also have their own computer forensics investigator training programs. Either way, specialists must develop extensive expertise in computer science, IT security and operating systems. The basics are very important: networking, cyber security and hacking.

List of Some Forensic tools

Forensic Imaging:

  • Tableau-TD3
  • Digital Intelligence Ultrablock
  • Solo-4
  • Logicube Falcon
  • FTK Imager

Composite Tools:

  • EnCase
  • FTK
  • UFED
  • Oxygen
  • Magnet AXIOM
  • Belkasoft
  • Autopsy
  • CDAC (CyberCheck, FRAT)


  • UFED Cellebrite touch/4pc
  • UFED Physical analyzer
  • Oxygen
  • CellDek Logicube
  • MPE+
  • Axiom
  • Belkasoft
  • EnCase Smartphone
  • Dr.Fone
  • MOBILedit
  • Paraben


  • Adroit Photo
  • EnCase
  • FTK
  • R-Studio
  • PhotoRec


  • MailXaminer
  • Paraben E-mail Examiner


  • Tableau password recovery
  • Elcomsoft
  • Passware
  • PRTK
  • Hashcat

Open source

  • Nirsoft
  • Woanware
  • Linux Distros (Caine, Kali, Parrot, SIFT, Deft)
  • Wireshark
  • Volatility
  • DFF
  • Autopsy

Data Recovery

  • Recuva
  • Stellar
  • R-tools
  • File Scavenger
  • PC-3000

For the complete list of tools: https://d3pakblog.wordpress.com/2016/12/27/computer-forensic-tools/

Open Source and VAPT Tools: https://d3pakblog.wordpress.com/2016/12/27/open-source-vapt-dfir-tools/

Glossary in short


Collection, analysis & presentation of Electronically Stored Information (ESI) from computers for the purpose of presentation as evidence in legal or other proceedings.


Cloud computing refers to the delivery of computing as a service rather than a range of products. Resources, software, and information are delivered to computers and other devices via the internet. Users access cloud-based applications by logging in via a web browser, lightweight desktop or mobile app, while the software and data are stored on remote servers.

Digital forensics is possible with data contained in ‘the cloud’, however, encryption can present barriers.


An umbrella term referring to forensics involving digital devices, including computer and network forensics. Refers to the evolution of computers into networks, mobile phones, PDA, GPS, etc.


An exact copy of a storage device.


The act of obtaining a forensic image of a device.


The discovery and disclosure of information stored in electronic form, for the purpose of obtaining evidence.


Any information created or stored on an electronic device, including word processing documents, emails, voice messages, SMS, accounting ledgers, databases, etc.


Collection, analysis & presentation of digital communications between digital devices, such as computers, mobile phones, etc., for the purpose of presentation as evidence in legal or other proceedings.


Collection, analysis & presentation of Electronically Stored Information (ESI) from mobile and smart phones for the purpose of presentation as evidence in legal or other proceedings.


Storage using the Universal Serial Bus. A standard for attaching digital devices to computers, often used for external storage of ESI. Also known as “Thumb Drive”, “Pen Drive” or “Flash Drive”.

For the complete detailed list: https://d3pakblog.wordpress.com/2017/01/24/glossary-computer-email-forensics

DFIR Resources: https://d3pakblog.wordpress.com/2017/01/13/dfir-resources/

4 Comments


    This is very interesting for those in the field of Digital and Cyber Forensics. I really enjoy reading and learn a lot about your posts. Thank you and keep it up. THANK YOU
