Welcome to the New Site
The forensicmike1 blog has moved from WordPress on EC2 to reduce costs and simplify maintenance.
Posts
Taking a gander at iOS apps on an M1 Mac
I wanted to share some initial research I did over the rainy long weekend. I recently got access to a MacBook Pro with the M1 chip and so naturally I wanted to take a look at how running iOS apps...
Analysis of the ABTraceTogether app (iOS)
I decided to have a look at the ABTraceTogether contract tracing app released by the Alberta Government today (May 1 2020) and blog about my findings. There's potential for conspiracy theories and...
Examiner-coder-types: Learnin'git can make you a better developer
I decided to write an article about Git and Github. Why? I've been exposed to Git a lot since I started working for a software company. Now, I'm wishing I could go back in time and have used it a lot...
Spice up your forensic web reports with UI Frameworks
I wanted to blog about a subject that's come up in a number of converations recently- that is the idea of spicing up web reports spit out by scripts by making use of UI frameworks (which are...
KnowledgeC: Now Playing entries
I know it's been ages since I've posted! I have been settling in with Magnet Forensics and have to say - it's been an incredible experience so far. I continue to be amazed and inspired by the...
Photo Vault app still pwnable in 2021? An adventure in iOS RE
Update 2021/08/22: Thanks to a tip from a reader, it was brought to my attention that PPV iOS made some pretty big changes in a recent update (early August 2021 - version 11.9). In reading the...
A lesson in home network security
There's been a lot of buzz about RDP vulnerabilities of late, and one tweet in particular publicly shamed companies who in 2019 were still using port forwarding to remotely access machines on their...
Obtain a logical dump of Signal data on Android with signal-back
I've had a number of people asking for a walkthrough on this process so thought I'd make it into this week's blog entry. It's not a particularly technical process and I'm the first to admit doesn't...
forensicBlend: Designing a scalable community plugin API
I decided to start writing this series to document my work on forensicBlend, a project I previewed on Twitter yesterday that takes device logs and translates them into a modern report format that can...
Chatting .NET with Eric Zimmerman
I don't think anyone in the Digital Forensics world would dispute that Python is the most used language in forensic programming today. In fact, many of its more fanatical followers frequently remind...
iOS Photos.sqlite Forensics
Discussing with Shafik the correlation of photo albums to pictures on iOS using Photos.sqlite.
Aggregating iOS PowerLog data using C# - Part 1
Building on the work of Sarah Edwards to re-unify the PowerLog database with C# before running APOLLO.
MPT - LG's incognito version of KnowledgeC
Learn how LG has been tracking its users for years, and how devices are not purging this data on a factory reset.