Pieces0310

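Forensics must let the evidence speak; never presume to settle a case on your own subjective conviction. Do not paint the target to fit the arrow, searching just for the sake of finding. The foundation of forensics rests on experience and judgment: the richer your experience across IT fields, the better you can spot the clues. Forensics must make good use of tools without over-relying on them. Tools can only help you narrow the range of possibilities; they cannot give you the answer, which still requires human analysis and judgment.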


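December 28, 2017

Summary: A friend of mine likes playing mobile games, especially "钢甲鐡拳", and I often see him having a great time with it. Yesterday he asked me a question: he likes to record the robot battles and upload the videos so that he and others can enjoy the fights. His problem is that whether he uses the iTools live desktop or other tools to record, not only is the picture somewhat blurry, but the process also lags, so the recorded video is not smooth. He is very Read more
posted @ 2017-12-28 22:36 Pieces0310 Views (1178) Comments (0) Recommendations (0)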

November 22, 2017

Summary: My friend May found a strange file called "bkp.old" as below in the evidence files. She decided to use forensic tools to take a look at it and fig Read more
posted @ 2017-11-22 18:27 Pieces0310 Views (493) Comments (0) Recommendations (1)

October 25, 2017

Summary: In my previous article "EnCase missed some USB activities in the evidence files", I mentioned that EnCase could only "see" a few USB records. Ac Read more
posted @ 2017-10-25 15:55 Pieces0310 Views (370) Comments (0) Recommendations (0)

October 23, 2017

Summary: My friend John acquired a memory dump from Windows 10, but he could not analyze this memory dump with any of the tools at hand. He was frustrated and thought may Read more
posted @ 2017-10-23 22:00 Pieces0310 Views (486) Comments (0) Recommendations (0)

October 6, 2017

Summary: My friend is a developer and her colleague May was suspected of stealing the source code of an important project "X". The police searched her apartmen Read more
posted @ 2017-10-06 16:10 Pieces0310 Views (581) Comments (0) Recommendations (0)

September 13, 2017

Summary: No doubt everybody knows that the iPhone 8 and iPhone X have appeared on the market. A feature called FaceID draws my attention. It's really a revolution of recogn Read more
posted @ 2017-09-13 21:16 Pieces0310 Views (225) Comments (0) Recommendations (0)

August 10, 2017

Summary: Last year hackers stole millions from Taiwan First Commercial Bank's ATMs without using a card. This was absolutely a premeditated attack. Hackers "br Read more
posted @ 2017-08-10 18:10 Pieces0310 Views (316) Comments (0) Recommendations (0)

August 5, 2017

Summary: Usually we will use LiveView or VFC to "boot up" the evidence files acquired from a suspect's computer or laptop. What if his/her OS is Win10? Win10 has Read more
posted @ 2017-08-05 08:50 Pieces0310 Views (1032) Comments (0) Recommendations (0)

August 3, 2017

Summary: As we know, WeChat will wipe deleted chat messages. That's why forensic guys could not dig out any deleted chat messages in EnMicroMsg.db. Is it p Read more
posted @ 2017-08-03 13:13 Pieces0310 Views (1177) Comments (0) Recommendations (0)

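July 25, 2017

Summary: When testing apps, you always run into some tricky cases. Take "detecting whether the device has been compromised" as an example: it is a difficult situation to handle. When an app can detect whether the device has been rooted, it stops running as soon as it finds the device has been compromised, which amounts to allowing installation and execution only on non-rooted devices. Some will say: then install an app that can "counter the countermeasure", to trick the specific app into believing it is running on a non-rooted Read more
posted @ 2017-07-25 23:12 Pieces0310 Views (321) Comments (0) Recommendations (0)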
