Detectalix
File carving and data recovery with open source tools
This video introduces the most important concepts of file carving and then covers specialized tools to help automatically recover deleted files from a disk image, such as The Sleuth Kit, Foremost, Scalpel and Photorec.
Views: 83

Videos

Windows Registry analysis with RegRipper (on Kali Linux)
Views: 981, 4 months ago
The video introduces the Windows Registry and then covers its forensic analysis on a Kali Linux workstation using RegRipper, an open source tool specifically designed to extract forensic artifacts from the Registry.
The Sleuth Kit® and filesystem forensics
Views: 73, 7 months ago
In this video we are going to illustrate the most important concepts about disk partitioning, volumes and filesystems. Then we are going to introduce the Sleuth Kit, a set of open-source, filesystem forensic CLI tools, explaining the functionalities of the different categories of tools and finally we are going to show their usage to analyze an NTFS filesystem of an acquired image.
ANDROID FORENSIC ACQUISITION
Views: 416, 9 months ago
This video first introduces you to Android data storage and filesystem structure, Android rooting and ADB (Android Debug Bridge). Then it covers the concepts of logical and physical acquisitions and finally presents practical examples of how to perform both types of acquisition of an Android device using ADB and the forensic tool dc3dd.
FORENSIC DISK IMAGE ACQUISITION WITH dc3dd
Views: 214, 10 months ago
In this video, we illustrate the process of acquiring the image of a disk drive using the command-line tool dc3dd, a forensics-oriented version of the well-known tool dd (data dump).
Hard disk forensics: HPA and DCO
Views: 526, 2 years ago
Introduction to the basic concepts of Device Configuration Overlay (DCO) and Host Protected Area (HPA) and how to detect and remove them, to access and analyze hidden data, using the 'hdparm' tool.

COMMENTS

  • @jefffinke8225 6 days ago

    I'm getting "Mount: /mnt/htbescape12: wrong fs type, bad option, bad superblock on /dev/loop0, missing codepage or helper program, or other error." after the command #mount -ro,offset=32256 NTUSER.DAT.000.raw /mnt/htbescape2/ - The only thing that didn't go exactly like your video so far was installing wine32. Kali wouldn't install it and said I needed to install libwine instead. Do I perhaps need to do some configuring in libwine? Any ideas would be appreciated. Thanks

  • @PatrikGissleholm-b3h 5 months ago

    Thanks for sharing!

    • @detectalix5561 5 months ago

      @PatrikGissleholm-b3h I'm glad you like it :)

  • @reyvito8901 8 months ago

    Hello, I have a final task about data hiding HPA and DCO, can you help me, please?

    • @detectalix5561 8 months ago

      Hi, if you still need help you can contact me at detectalix (at) protonmail. com

  • @WanderingFriar 11 months ago

    Amazing! I loved the examples. It really helped illustrate it more to me. Thank you!

    • @detectalix5561 11 months ago

      Thank you very much for the comment! 🙏 Stay tuned as I'm going to revive this channel and upload new videos soon 🙂