r/digitalforensics

Howdy all,

(Throat-clearing preamble: I'm a private defense investigator so I can't get Cellebrite training, from the vendor, anyway. I'm not a forensic analyst, am not going to testify, etc. but like to understand enough to look for leads before hiring a pro; time and financial resources always have to be considered and attorneys don't love hiring experts to go on fishing expeditions based on a long shot theory of mine.)

I look at Cellebrite reports all of the time and am pretty familiar with the basics. However, I was wondering if someone could help me with a few more technical questions.

Also, I'm very happy to be pointed towards any training resources.

- Is it correct that the Biome is not a complete log of device events? I read that it has more to do with something like a prediction engine and Siri but not certain.

- Are more complete logs (than Biome) accessible via database queries? If so, can those be accessed from within a UFDR report? Or does that require the FFS extraction? I usually get the UFDR report, but sometimes get the zipped FFS as well.

- To open a Cellebrite FFS or Greykey extraction requires law enforcement grade tools like Physical Analyzer, correct?

- Are DevicePluginStatus events in Biome exactly what they appear to be? Someone is plugging/unplugging the cable at those time stamps?

- In the timeline I see Power Events (mobileactivationd.log) but only Power On. Are Power Off events not logged?

I have so many questions, but if y'all could help with these that would be brilliant!

-

Dear Hackers and pentesters

my uncle have all his credentials saved on a built in note app in redimi note 8 pro (not synced to his acc)

The password is 4 digit long and contains only numbers

he is trying to remember without success

After multiple attempts the phone lockdown for 3 minutes, but restarting the phone reset the timer, so basically we have unlimited attempts

If u guys can help me with a way or the tool needed in kali that can help me brute force the phone I would be appreciated

This account has been sexually harassing me cross-platform since 2021 under the same username/alias. How can I find information about this account and who’s behind it? These platforms include discord, snapchat, and instagram. Any advice would be appreciated. I tried “forget password” on instagram and found the information that their gmail used is the same as this alias.

Worked LE forensics for 5 years, now on the compliance side. CDR analysis was always the most time-consuming part of any investigation.

Back in the day: export to CSV, manually correlate in Excel, cry.

Tools I've heard mentioned: Nuix, Cellebrite, i2 Analyst's Notebook, CellHawk, NightHawk (LeadsOnline).

Curious what people are actually running in production. What handles multi-carrier data well? What plays nicely with financial records for joint investigations? What's the timeline correlation like?

Not looking for vendor pitches — genuinely want to know what practitioners are using.

Hi,

I am building a small web tool that creates a hash of a file and generates a certificate to prove that the file existed at a specific time.

The file is not stored. The idea is to keep the process simple: upload a file, generate its hash, register the proof, and receive a certificate that can be verified later.

I know this is not the same as notarization or legal certification. My goal is more practical: to create a simple proof of existence that can be useful as supporting evidence in disputes, documentation, insurance cases, creative work, property damage, etc.

I would like to get feedback from people with more experience in digital evidence and forensic workflows.

Main questions:

- Does this approach make sense as a basic proof-of-existence tool?
- What would you expect to see in the certificate?
- What technical or trust problems should I solve first?
- Would blockchain anchoring add real value here, or is a signed timestamp enough?

This is not a finished product. I am mainly looking for technical feedback.

Thanks.

Free and open source. Anyone who contributes to the code is awarded cryptocurrency on our site. Currently our site is down for maintenance, but it will be back up in a few days. Let’s work together and change the world.

Hey guys! I appreciate the feed back from my other article and here's part 2! I found more damning evidence of an organized network and replied to some pedophile talking points!

Any comments/tips/concerns are very welcome!

Has anyone had experience working as a Digital Forensics Consultant? I'm in the interview process and I cannot find any info beyond their website. If anyone has any insights on salary, working conditions, travel, and pro and cons please let me know!

Okay, so I am currently 17 years old and this man met me when I was 16. I don't want to get into the details but I will say that there was a lot of manipulation and mind games involved. I foolishly believed that the information he gave to me was true, but when I decided to look him up, nothing could be found. I even called his school to find his information and a student all to find out that there was no student with that name. He sent me a lot of photos and we video called a few times, so I think it's unlikely he could have messed with his images. But his phone number is a dead end, along with his email and other social media accounts.

I know logically I should go to the police and file a report but I don't think they would be very helpful in this case as I have had similar issues and nothing was actually done.

The bottom line is : I want justice and closure for myself. Even though online abuse is a bit nuanced and hard to consider as "actual abuse", I don't want anyone else to go through with the madness and emotional turmoil I went through. And I cannot do it without some help. If anyone is willing to offer advice and resources to do my own private investigation it would be very appreciated.

Edit: If you are not going to be helpful, victim blame, or try to direct me to local law enforcement, do not waste your time on my post. I will find this man one way or another, with or without the help of Redditors such as yourselves. Either you have solid advice or you don't, and if you're the latter then my post is not for you.

Edit #2: I honestly forgot how many weird males there are on this platform because why on earth am I getting downvoted for not trusting law enforcement with my issues? You do know that the police doesn't have the answers for everything right? When cold cases from 50 years ago get solved, it's not from the detectives or the patrol officers magically finding the perps and arresting them. It's from forensics, whether that be digital or DNA or genealogy. The police themselves cannot do anything without evidence, and most of the time they don't know where to look, which is where outside sources come in. From my knowledge digital forensics is supposed to be about investigating and not running to the pork chops eating donuts at the office whenever things get too tough to handle. This a investigative field so why are we suddenly afraid to do our own deep dive when it comes to cases like this.

TDLR: Grow up man babies! Also thank you to the lovely women who actually wanted to help you're amazing <3 Okay I'm done ranting now back to the case I go!

I decided that I'm going to document this journey on here, that is if it ends up going anywhere. I did a basic search for EXIF data on the images for his location, no luck. The only thing I could get is that the photos he sent are from 2016. Not much to go off of. I'm at a dead end. I know this is terrible, but I'm thinking about going back to him to see if I can confront him with what little information I have. I won't though, because that's foolish, and I know that a lot of people on here would love to see me give up and crawl back to being a pet for someone's amusement.

Anyways, I'm going to see what I can find. I'll keep you guys in the loop. And as always if you don't like something I say, keep it pushing.

I know upwork, is it good ? Any other place ? Is going to a physical office of private invastigator better ? But will he/she know osint and digital forensics ? Thank you all for your answers.

Hello, I’m fairly new to Digital Forensic and was looking for some beginner Certs to help get my foot in the door. Should I start with CompTIA a+ Cyber or CySA+?

Hello everyone!
I am here to ask for some advice.
Let me put some background first.
I (22F) am from Bulgaria.
I have completed my Bachelor’s in Cybersecurity with excellence and 2 years earlier than normal because I decided to go on an individual learning schedule and pass all the exams plus write and present my thesis earlier.
At the moment I am undergoing my Master’s in DF which is expected to be completed in March 2027 after I pass the exams, write and present my thesis. Everything passed already is with the highest score possible.
I have been working in the IT field for some years now - started as frontend programmer, then got in cybersecurity with a support-like position, became an analyst in a SOC team, did some cybersecurity engineering freelance and currently I am a threat intelligence analyst for one US company - remotely.
The thing is that this last position is not the normal TIA and I feel like I am not working on the right skills if I want to get in DF.
I was also wondering what positions there are in the private sector, is there a demand for DF specialists? There is also a possibility to become an expert working on court cases but they need 5 years of experience and I have 4 at the moment.
I find DF very interesting and would really want to get in the field and do this full time.
My question is how to prepare myself and what to look for - courses, certificates, tools, labs, jobs, companies. Also government or private?
Any insights would be much appreciated!

Hey guys, I have come across this profile https://www.instagram.com/illandyinnovation?igsh=dm02cmtqMmdsamV2 of a man who is having a very difficult fight with cancer. I really wish to support him, however I have noticed several other profiles of this same man begging for help and donations, and I'm really scared that there's people using this man's posts to get people to give them money, money that was meant to help this man's recovery. Is there any way to confirm if this is his real profile or maybe someone might know the real profile in case it's not?

I feel like it's important and I've been checking on him regularly. It sickens me knowing that there's some people who want to scam people out of their money by stealing this man's content.