-->
Showing posts from 2018Show all
TeraCopy: A Forensic Analysis (Part 3)

After a suggestion and a much needed push from Phill Moore , I decided to create some SQL queries to decode the TeraCopy databases for Main ( part 1 ) and History ( part 2 ). I picked the most relevant columns that I deemed i…

TeraCopy: A Forensic Analysis (Part 2)

In the part one we went over the details found in the "main.db" file for TeraCopy. Here we will review what the History folder looks like. It can be found in here: C:\Users\ <USERNAME> \AppData\Roaming\T…

TeraCopy: A Forensic Analysis (Part 1)

TeraCopy is a great file transfer tool that I have been using for years because it was always faster than the Windows built in copier, allowed for pausing/resuming as well as many other features Microsoft lacked in Win7 (Win…

BSidesDE 2018 Recap

I had the pleasure of going to one of my local BSides conferences down in Delaware this weekend. It's my third year going to this specific one and to me the talks keep getting better and better each year. Below are just a…

The Man Behind the Mask

Inspired by a tech genius billionaire and my favorite comic book character I bring you STARK 4N6! I hope to share forensic research, findings, experiences, travels and everything in between. Sometimes you gotta run before …