Tag: log2timeline


The Importance of Dual Tool Verification

Those of us working in the Digital Forensics and Incident Response realm rely on tools to harvest data for analysis, not to mention to perform the actual analysis. Let’s be honest: Without tools, we would have a dickens of a time doing our jobs. Unfortunately, this had led to examiners having an inherent high level[…]


MACtime Forensics

:MACtime Forensics: Timestamps are a critical part of forensics. It takes a skilled forensicator to examine all pertinent data available to them in order to find key evidence and provide an accurate timeline of events. The timestamps we will be discussing are the MACB timestamps. M – Modified Time A – Accessed Time C –[…]


PLASO – Google and Timelines

by Destruct_Icon
Categories: Analysis, Host Forensics
Tags: , , , , ,
Comments: Leave a Comment

PLASO – When Google Met Timelines Many moons ago (ok, not that many moons ago) log2timeline was the go to source for easily building a timeline from a forensics image. Log2timeline is an amazing application that builds out a timeline perspective of an image using any timestamps it can identify. This is done through a[…]

Today is Monday