Part 1 of this series illustrated my search for the best application to keep forensic case notes and research. Part 2 covered the organization of the notebook and the various section groups, sections, and pages. In this third and final installment I will discuss how Microsoft OneNote integrates with other applications to both store relevant information and be able to retrieve that information later for generating final reports, emails, etc. Continue reading
In Part 1 of this series, I discussed my search for a tool to keep my forensic notes and research organized while providing readability and searchability. I decided on Microsoft OneNote as the ideal solution to fit my needs. In this post, I will show how I have decided to organize my OneNote notebook and the sections that go into it. Continue reading
Good notes, documentation, and reports are all keys to successful work as a forensic
analyst. In addition, it is also important to be able to quickly locate relevant details in those bodies of work. All three can be accomplished with pen and paper, a word processing application, a digital notes application, an application specifically for case notes, or any combination of the above.
Not being able to read my own handwriting pretty much ruled out pen and paper for me, hence my search for a better tool for my forensic note taking and documentation needs. Continue reading
While attending Citrix Synergy 2017 last week the BlueScreenView tool from NirSoft was mentioned as a tool for troubleshooting desktops in a Citrix VDI environment. Although this tool can be helpful for troubleshooting BSOD in both physical and virtual computers it also struck me as a good tool for incident response and digital forensics.
BlueScreenView is a free tool provided by NirSoft and is used to view the contents of the dump file generated when a BSOD occurs. Continue reading