It is our intention that the webinars we provide will give you invaluable information covering a wide range of different and diverse subjects which will help you in the development of your career.
Each of the Spyder Forensic’s is presented by an expert in his field and they will give you the opportunity to ask questions in the live question and answer sessions.
A forensic look at Windows 10 Timeline
In 2018 Windows 10 introduced a new feature named “Timeline” which has seen enhancements in subsequent updates to the Operating System in 2018 ~ 2020. This feature acts like a browser for all your recent file and web interactions on the local computer as well as mobile devices and if enabled your additional trusted devices too. It provides a chronological view of software interactions, which not only contains the websites visited but all documents edited, the pictures you viewed as well as information of which machine it was interacted with last, most importantly the amount of time the user interacted with the item.
During this session we will take a deep dive into the artifacts this feature creates and how they may be used by the system and interpreted in a forensic examination. Attendees will gain a deeper understanding of the complexities of this feature and a first-hand look at the SQLite database containing all the artifacts while gaining an understanding of the cloud-based synchronization issues. Attendees will be exposed to advanced SQLite queries to interpret the data into a more human readable format.
The use of Drones is rapidly growing and expanding into criminal enterprises and terrorist organizations and news feeds are continually reporting on crimes being successfully prosecuted where UAV forensics has been instrumental in placing someone and something at the crime scene. Correctional Facilities and deployed militaries are now also dealing with UAV’s on a regular basis and creating a new branch of digital forensics. This session is designed to introduce the investigator into the world of Drone Forensics and gain insight into the types of evidence the examiner is likely to encounter.
Topics of discussion include:
How to collect data from a Drone and its associated controller application
Description of the different hardware components to be examined
Examination of .dat files and logs from the aircraft and controller
Data interpretation using industry accepted tools
Microsoft recently updated its default browser, Edge, adopting the open source Chromium backend storage. This webinar takes a first look at the data structures Microsoft has adopted and defines many of the artifacts located in SQLite databases and other data formats. This session will share SQLite queries scripted by Spyder Forensics to help examiners pull data directly from the data structures ahead of mainstream forensic software applications.
The default Photos App on a Windows 10 system allows users to import, sync, view and edit photos in a single application, but what other information is it tracking behind the scenes? During this webinar we will look at the forensics artifacts that reside on the system including an SQLite database that contains a wealth of information that can be useful during an examination
SQLite is the most popular database format in the world, especially for mobile applications. Today the chances of coming across this type of database are more likely than not. During this webinar we will discuss the basics of SQLite forensics, the terminology and why it is important for examiners to have at least a fundamental understanding of SQLite.
When we are performing forensic examinations on SQLite databases, the associated Journal Files can provide us with historical states of the database, but how do these journal files work? During this webinar we will discuss how SQLite journaling works and the benefits they can provide during an examination.