News & Events

News tagged "Metasploit Anti-Forensics Project"

HowStuffWorks – How Computer Forensics Works

When the company Enron declared bankruptcy in December 2001, hundreds of employees were left jobless while some executives seemed to benefit from the company’s collapse. The United States Congress decided to investigate after hearing allegations of corporate misconduct. Much of Congress’ investigation relied on computer files as evidence. A specialized detective force began to search …


CIO Magazine – How Online Criminals Make Themselves Tough to Find, Near Impossible to Nab – May 2007

Vincent Liu will be featured in CIO Magazine – How Online Criminals Make Themselves Tough to Find, Near Impossible to Nab. Forensic investigations start at the end. Think of it: You wouldn’t start using science and technology to establish facts (that’s the dictionary definition of forensics) unless you had some reason to establish facts …


Journal of Digital Forensic Practice – Challenging the Presumption of Reliability – Mar2006

Vincent Liu authors Digital Evidence: Challenging the Presumption of Reliability in the 2006-Volume 1 issue of the Journal of Digital Forensic Practice. There is a general tendency among courts to presume that forensic software reliably yields accurate digital evidence. As a judicial construct, this presumption is unjustified in that it is not tailored …


Windows File Time Stamp Display Flaw

Windows file time stamps can be set to extremely low values via the NtSetInformationFile() system call. The Windows API does not properly translate the low 64-bit time values stored on disk into human readable format, and displays no information instead. Although this is not a security vulnerability in itself, it adversely affects third-party applications that rely upon the Windows API to perform the translation.

Metasploit Anti-Forensics Project, Windows Security