Difference between revisions of "Main Page"

From ForensicsWiki
m (Cosmetic.)
(Update of research section/archived previous research content to Past Selected Research page)
 
(190 intermediate revisions by 12 users not shown)
Line 1: Line 1:
This is the '''Forensics Wiki''', devoted to information about digital forensics. We are just getting started, but still encourage you to browse the site and contribute whatever information you have available.  
+
<div style="margin-top:0.5em; padding:0.5em 0.5em 0.5em 0.5em; background-color:#faf0ff; align:right; border:1px solid #ddccff;">
 +
This is the '''Forensics Wiki''', a [http://creativecommons.org/licenses/by-sa/2.5/ Creative Commons]-licensed [http://en.wikipedia.org/wiki/Wiki wiki] devoted to information about [[digital forensics]] (also known as computer forensics). We currently list a total of [[Special:Allpages|{{NUMBEROFARTICLES}}]] pages.
 +
 
 +
Much of [[computer forensics]] is focused on the [[tools]] and [[techniques]] used by [[investigator]]s, but there are also a number of important [[papers]], [[people]], and [[organizations]] involved. Many of those organizations sponsor [[Upcoming_events|conferences]] throughout the year and around the world. You may also wish to examine the popular [[journals]] and some special [[reports]].
 +
</div> 
  
Much of computer forensics is focused on the [[tools]] and [[techniques]] used by investigators, but there are also a number of important [[papers]], [[people]], and [[organizations]] involved. Many of those organizations sponsor [[conferences]] throughout the year and around the world. You may also wish to examine the popular [[journals]] and some special [[reports]].
 
  
===Quick Links===
+
==WIKI NEWS==
 +
2016-03-30: '''Site Maintenance on 2016-04-01''' Attention Forensic Wiki community, site maintenance will be occurring on 1 April 2016 from 9AM EST to 1PM EST. During this time Forensic Wiki will not be available as it will be offline to perform environment upgrades.
  
* [[Conferences]]
+
2015-08-26: – A support email address (support AT forensicswiki.org) was created for all your forensicswiki needs.  This is a mailing list that goes to the appropriate staff that will assist with site maintenance, issues, etc.  If you have questions or issues with the site please send us an email.
* [[Tools]]
+
 
* [[Books]]
+
'''2015-07-18''': Forensic Wiki has been acquired by Harris Corporation for the betterment of the community.  All licensing and data rights are staying the same, there’s just corporate funding behind the site now.  The wiki will remain as an international resource, with no editorial input from Harris whatsoever.  All of the existing editorial controls and checks and balances will remain in place.  All of the existing accounts carry forward.
* [[Email Headers]] --- All about the art of deciphering where email came from, what program was used, and who sent it.
+
 
* [[File Formats]] --- A general list of all file formats.
+
2013-05-15: You can now subscribe to Forensics Wiki Recent Changes with the [[ForensicsWiki FeedBurner Feed]]
* [[Forensic file formats]] --- Formats for disk images and metadata used by computer forensic programs.  
+
 
* [[File Systems]] --- Used by computers to lay out the way information is stored on hard drives and other block-oriented systems.
+
{| width="100%"
* [[Mailing lists]]
+
|-
* [[Organizations]]
+
| width="60%" style="vertical-align:top" |
* [[Personal Digital Devices]] --- Forensics of Cellphones, PDAs, Audio/Video Players, and the list goes on...
+
<!-- Selected Forensics Research --> 
* [[Sanitization Standards]]
+
<div style="margin-top:0.5em; border:2px solid #ff0000; padding:0.5em 0.5em 0.5em 0.5em; background-color:#ffff99; align:center; border:1px solid #ddccff;">
* [[Recovering Overwritten Data]] --- A hot topic.
+
<h2 style="margin:0; background-color:#ffff33; font-size:120%; font-weight:bold; border:1px solid #afa3bf; text-align:left; color:#000; padding-left:0.4em; padding-top:0.2em; padding-bottom:0.2em;"> Featured Forensic Challenge </h2>
* [[Vendors]]
+
 
* [[Websites]]
+
;[[Digital_Forensic_Research_Workshop|Digital Forensic Research Workshop]]
* [[Write Blockers]]
+
 
 +
The current Digital Forensic Research Workshop (DFRWS) is about the Internet of Things (IoT). Analysis of devices and network data including a Smart TV Raspberry Pi and Amazon Echo cloud data are part of the scenario.
 +
 
 +
See more about [[Digital_Forensic_Research_Workshop|DFRWS here...]]
 +
(See also [[Past Selected Articles|Past Selected Research]])
 +
 
 +
| width="40%" style="vertical-align:top" |
 +
 
 +
<div style="margin-top:0.5em; border:2px solid #00ff00; padding:0.5em 0.5em 0.5em 0.5em; background-color:#ffeeff; align:center; border:1px solid #ffccff;">
 +
<h2 style="margin:0; background-color:#ffff33; font-size:120%; font-weight:bold; border:1px solid #afa3bf; text-align:left; color:#000; padding-left:0.4em; padding-top:0.2em; padding-bottom:0.2em;">  Featured Article </h2>
 +
;[[Apple File System (APFS)]]
 +
: APFS, or Apple File System, is the file system designed by Apple Computer to supersede HFS+ and take advantage of flash/SSD storage and native encryption support. APFS also introduced file system snapshots, support for sparse files, and greater time stamp granularity.
 +
[[Apple File System (APFS)|Read More...]]
 +
 
 +
|}
 +
 
 +
<!-- This begins the two-column section -->
 +
 
 +
{| width="100%"
 +
|-
 +
| width="60%" style="vertical-align:top" |
 +
 
 +
<div style="margin-top:0.5em; padding:0.5em 0.5em 0.5em 0.5em; background-color:#eeeeff; align:right; border:1px solid #ddccff;">
 +
 
 +
<h2 style="margin:0; background-color:#ccccff; font-size:120%; font-weight:bold; border:1px solid #afa3bf; text-align:left; color:#000; padding-left:0.4em; padding-top:0.2em; padding-bottom:0.2em;">Topics</h2>
 +
 
 +
* '''[[File Analysis]]''':
 +
** '''[[:Category:File Formats|File Formats]]''': [[PDF]], [[DOC]], [[DOCX]], [[JPEG]], [[GIF]], [[BMP]], [[LNK]], [[MP3]], [[AAC]], [[Thumbs.db]], ...
 +
** '''[[Forensic file formats]]''': [[AFF]], [[gfzip]], [[sgzip]], ...
 +
* '''[[File Systems]]''': [[FAT]], [[NTFS]], [[ext2]]/[[ext3]], [[ufs]], [[ffs]], [[reiserfs]], ...
 +
** '''[[File Systems#Cryptographic_File_Systems|Cryptographic File Systems]]''': [[File Vault]], [[EFS]], [[CFS]], [[NCryptfs]], [[TCFS]], [[SFS]], ...
 +
* '''[[Hardware]]''':
 +
** '''[[Bus]]ses''': [[IDE]], [[SCSI]], [[Firewire]], [[USB]], ...
 +
** '''[[Data storage media|Media]]''': [[RAM]], [[Hard Drive]]s, [[Memory Card]]s, [[SmartCard]]s, [[RFID]] Tags...
 +
** '''[[Personal Digital Devices]]''': [[PDAs]], [[Cellphones]], [[SmartPhones]], [[Audio Devices]], ...
 +
** '''[[Other Devices]]''': [[Printers]], [[Scanners]], ...
 +
** '''[[Write Blockers]]''': ...
 +
* '''Recovering data''': [[Recovering bad data|bad data]], [[Recovering deleted data|deleted data]], [[Recovering Overwritten Data|overwritten data]], [[Sanitization Standards]]
 +
* [[Encryption]]
 +
* [[GPS]]
 +
* [[Forensic_corpora|Forensic Corpora]]
 +
* [[Network forensics]]: [[OS fingerprinting]], [[Hidden channels]], [[Proxy server|Proxy servers]]
 +
* [[Steganography]], [[Steganalysis]]
 +
* '''[[Metadata]]:''' [[MAC times]], [[ACLs]], [[Email Headers]], [[Exif]], [[ID3]], [[OLE-2]], ...
 +
* '''[[Legal issues]]:''' [[Caselaw|Case law]]
 +
* '''Further information:''' [[Books]], [[Papers]], [[Reports]], [[Journals]], [[Websites]], [[Blogs]], [[Mailing lists]], [[Organizations]], [[Vendors]], [[Conferences]]
 +
</div>
 +
 
 +
 
 +
 
 +
| width="40%" style="vertical-align:top" |
 +
 
 +
<!-- Tools -->
 +
<div style="margin-top:0.5em; padding:0.5em 0.5em 0.5em 0.5em; background-color:#e0ffe0; align:right; border:1px solid #ddccff;">
 +
 
 +
<h2 style="margin:0; background-color:#ccffcc; font-size:120%; font-weight:bold; border:1px solid #afa3bf; text-align:left; color:#000000; padding-left:0.4em; padding-top:0.2em; padding-bottom:0.2em;">[[Tools]]</h2>
 +
 
 +
* '''[[:Category:Disk Imaging|Disk Imaging]]''': [[dd]], [[dc3dd]], [[dcfldd]], [[dd_rescue]], [[sdd]], [[aimage]], [[Blackbag]], ...
 +
* '''[[Tools:Data Recovery|Data Recovery]]''': ...
 +
* '''[[Tools#Disk_Analysis_Tools|Disk Analysis]]''': [[EnCase]], [[SMART]], [[Sleuthkit]], [[foremost]], [[Scalpel]], [[frag_find]]...
 +
* '''[[Tools#Forensics_Live_CDs|Live CDs]]''': [[DEFT Linux]], [[Helix]] ([[Helix3 Pro|Pro]]), [[FCCU Gnu/Linux Boot CD]], [[Knoppix STD]], ...
 +
* '''[[Tools:Document Metadata Extraction|Metadata Extraction]]''': [[wvWare]], [[jhead]], [[Hachoir | hachoir-metadata]], [[Photo Investigator]]...
 +
* '''[[Tools:File Analysis|File Analysis]]''': [[file]], [[ldd]], [[ltrace]], [[strace]], [[strings]], ...
 +
* '''[[Tools:Network_Forensics|Network Forensics]]''': [[Snort]],  [[Wireshark]], [[Kismet]],  [[NetworkMiner]]...
 +
* '''[[:Category:Anti-forensics tools|Anti-Forensics]]''': [[Slacker]], [[Timestomp]], [[wipe]], [[shred]], ...
 +
* '''[[Tools#Other_Tools|Other Tools]]''': [[biew]], [[hexdump]], [[MailXaminer]]...
 +
</div>
 +
 
 +
<div style="margin-top:0.5em; padding:0.5em 0.5em 0.5em 0.5em; background-color:#c0ffff; align:right; border:1px solid #ddccff;">
 +
 
 +
<h2 style="margin:0; background-color:#99ffff; font-size:120%; font-weight:bold; border:1px solid #afa3bf; text-align:left; color:#000000; padding-left:0.4em; padding-top:0.2em; padding-bottom:0.2em;">[[:Category:Top-Level|Categories]]</h2>
 +
 
 +
The contents of this wiki are organized into various [[:Category:Top-Level|categories]]:
 +
 
 +
* [[:Category:Tools|Tools]]
 +
* [[:Category:Disk file systems|Disk file systems]]
 +
* [[:Category:File Formats|File Formats]]
 +
* [[:Category:Howtos|Howtos]]
 +
* [[:Category:Licenses|Licenses]]
 +
* [[:Category:Operating systems|Operating systems]]
 +
* [[:Category:People|People]]
 +
* [[:Category:Bibliographies|Bibliographies]]
 +
 
 +
</div>
 +
 
 +
 
 +
|}
 +
 
 +
<div style="margin-top:0.5em; padding:0.5em 0.5em 0.5em 0.5em; background-color:#faf0ff; align:right; border:1px solid #ddccff;">
 +
'''You can help!'''  We have a list of [[:Category:Articles_that_need_to_be_expanded|articles that need to be expanded]]. If you know anything about any of these topics, please feel free to chip in.
 +
</div>
 +
 +
 
 +
 
 +
 
 +
__NOTOC__
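Review bot: In the first added two-column table, the `<div>` opened for the Featured Forensic Challenge box is never closed before the `| width="40%"` cell begins, and the Featured Article `<div>` is still open when that table ends at `|}`. The other boxes added in this revision (intro, Topics, Tools, Categories, "You can help!") each end with `</div>`. Add a `</div>` after the "(See also ...)" line and after the "Read More..." link so the layout does not depend on the parser repairing unbalanced tags. Both of those boxes also declare `border` twice in the same style attribute (`border:2px solid ...` followed later by `border:1px solid ...`), so only the later declaration takes effect, and `align:right` / `align:center` are not CSS properties. Remove the unused border declaration and use `text-align` if alignment is intended.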

Latest revision as of 19:06, 30 October 2017

This is the Forensics Wiki, a Creative Commons-licensed wiki devoted to information about digital forensics (also known as computer forensics). We currently list a total of 933 pages.

Much of computer forensics is focused on the tools and techniques used by investigators, but there are also a number of important papers, people, and organizations involved. Many of those organizations sponsor conferences throughout the year and around the world. You may also wish to examine the popular journals and some special reports.


WIKI NEWS

2016-03-30: Site Maintenance on 2016-04-01. Attention Forensic Wiki community, site maintenance will be occurring on 1 April 2016 from 9AM EST to 1PM EST. During this time Forensic Wiki will not be available as it will be offline to perform environment upgrades.

2015-08-26: A support email address (support AT forensicswiki.org) was created for all your forensicswiki needs. This is a mailing list that goes to the appropriate staff that will assist with site maintenance, issues, etc. If you have questions or issues with the site please send us an email.

2015-07-18: Forensic Wiki has been acquired by Harris Corporation for the betterment of the community. All licensing and data rights are staying the same, there’s just corporate funding behind the site now. The wiki will remain as an international resource, with no editorial input from Harris whatsoever. All of the existing editorial controls and checks and balances will remain in place. All of the existing accounts carry forward.

2013-05-15: You can now subscribe to Forensics Wiki Recent Changes with the ForensicsWiki FeedBurner Feed

Featured Forensic Challenge

Digital Forensic Research Workshop

The current Digital Forensic Research Workshop (DFRWS) is about the Internet of Things (IoT). Analysis of devices and network data including a Smart TV Raspberry Pi and Amazon Echo cloud data are part of the scenario.

See more about DFRWS here... (See also Past Selected Research)

Featured Article

Apple File System (APFS)
APFS, or Apple File System, is the file system designed by Apple Computer to supersede HFS+ and take advantage of flash/SSD storage and native encryption support. APFS also introduced file system snapshots, support for sparse files, and greater time stamp granularity.


Topics



You can help! We have a list of articles that need to be expanded. If you know anything about any of these topics, please feel free to chip in.