Step 1: Identification The identification process is where the forensic investigator examines the available and potential sources for digital information.…

WireShark is a free and open source network protocol analyzer. WireShark is used worldwide by a variety of security professionals…

FTK Imager is a digital forensics tool developed by Exterro. FTK Imager is a tool used for creating forensic images…

Xplico is an open source network forensics tool that differs from a network protocol analyzer. Xplico extracts the contents of…

Thumbcache Viewer is a free tool that allows the user to extract thumbnail images associated with multimedia files on a…

The SIFT Workstation is a collection of digital forensic tools developed by SANS Institute. The SIFT Workstation not only provides…

OS Forensics is an organization that develops free and paid digital forensics tools. OS Forensics offers four tools which can…

WinHex is a hexadecimal editor which is used for a variety of data recovery and digital forensic tasks. WinHex works…

As illustrated in the previous section there is a shortage of IPv4 addresses available to the public. Because of this…

Internet protocol version 4 (IPv4) is one of the most commonly used protocols and serves as an internationally recognized standard…

IPv6 artifacts are pieces of digital evidence that can be collected and analyzed in the process of IPv6 forensics. These…

IPv6 forensics is the process of collecting, analyzing, and interpreting digital evidence from Internet Protocol version 6 (IPv6) networks and…