Steve Bunting's  

   Computer Forensics Resource Site

    Resources for Computer Forensic Examiners . . . .

    "In the business of computer forensics, excellence is not an option;  it is an operational necessity."

External Resources

Computer Forensics Lab Resource Site Information

Upcoming Training

Other Useful Links:

BIOS Password Bypass

Computer Security Incidents - CERT

Delaware Code

DOJ Search Warrant Guidelines 

Email Examiner by Paraben

Forensic Wiki

Guidance Software (EnCase)

High Tech Crime Consortium

High Tech Crime Network

Identity Theft: US Government Site

ILook Forensic Software

Internet Fraud Complaint Center

Internet Hoaxbusters

Internet Service Providers Contact List - Contact Info for Service of Process - updated April 2005!

KaZAlyser (analyze FastTrack installations) and other tools by Paul Sanderson

National White Collar Crime Center

Netanalyzer and other tools by Craig Wilson / Digital Detective

OnTrack Hard Drive Jumper Settings

Password Recovery Tools and the Forensic Took Kit by Access Data

Sam Spade Internet Tracing Tools

Time Zones - Sorting Out the Time Stamps 

Urban Legends: Fact or Hoax

Virus Information Library- McAfee

 

Current Homeland Security Threat Level:


Searching for PST Data in the Unallocated Clusters Using the Outlook Compressible Encryption Code Page

Peer-to-Peer Forensics (FastTrack Software)

bullet

FastTrack (Kazaa, etc) DBB Database - Fields 1 - 9 Syntax and Explanation - Determining if a file was shared by examining the registry and the DBB files.

bullet

FastTrack (Kazaa, etc) DBB Database - Fields 1 - 9 Decoded in a Report Format Using EnCase

bullet

Understanding Last Shared Date / Time in FastTrack (Kazaa, etc) DBB Database File

bullet

Strange URL's appearing to be associated with Kazaa?  (For Example:  http://127.0.0.1:1214)

 

Base64 Processing with EnCase - The Easy Way!

System Time Changes and Event Logs - Event 577 and 520

Repairing Corrupted Event Log Files

BIOS Access on Various Systems

Registry Processing

UNIX Time Stamp + ID Number and Hotmail - Link URL in History  to Actual HTML Page

Analyzing "index.dat" fragments in Unallocated Clusters

Understanding timestamps in the "index.dat" files

Weekly History explained . . . .

Restore Point Forensics

Log Parser Use In Computer Forensics

Rebuilding Apple Partition Using EnCase

  
 
bullet

About our staff

 

Access Data Training

Guidance Software Training Calendar

Forward Discovery Training

National White Collar Crime Center Training Calendar

Paraben Training Calendar

 

 
This web site was created to provide assistance to computer forensics examiners engaging in cyber-crime investigations.  This field is rapidly evolving and changing as technology marches forward.  It is, therefore, intended to be a growing and evolving resource.  As you conduct your examinations and investigations, if you encounter information, links, or have suggestions that would help others, please let me know so I can add it to this site.  My email address is sbunting@udel.edu .  Thank you.
This site created and maintained by: 
  Stephen M. Bunting, CCFT, EnCE
Retired Captain, University of Delaware Police
 
 
Steve Bunting's Public PGP Key Server Room Temp
Warning to UCE senders / spammers:  My email address and any other email address found in this web site are not to be used, extracted, shared, or otherwise added to mailing lists for sending Unsolicited Commercial Email (UCE), better known as SPAM.  Sending UCE to persons in Delaware is a violation of the Delaware Criminal Code.  


Today's Weather
Click for Dover, Delaware Forecast