WinFE based on WinPE for Windows 10
WinFE based on WinPE for Windows 10 (English) is available.
OSDFCon 2018 Presentation & bulk_extractor-rec03
OSDFCon 2018 slides are now available. I talked about "A Combination of Advanced Carver and Intelligent Parser" and bulk_extractor-rec03 has been released.
Carving utmp records for intrusion analysis
I posted about Carving utmp records for intrusion analysis using utmp scanner of bulk_extractor-rec
USN Analytics
Analysis Tool for USN Journal/Change Journal, USN Analytics has been released.
bulk_extractor-rec02
bulk_extractor-rec02 has been released.
Bulk Extractor with Record Carving
To carve out in NTFS internal records and Unix utmp records, Bulk Extractor with Record Carving has been released.
PolAdtEv for Windows 10(1607)
A structure of PolAdtEv key has changed since Windows 10(1607)/2016.
Web Site Renewal
I have arranged the contents on the site.