Nick Furneaux

November 28, 2016

RAM Analysis for Investigators now ONLINE!

Our renowned RAM Analysis for Investigators class is now online, click here for details
March 29, 2016

The King and the Apple

As the Court case between the FBI and Apple has gone away (for now), I offer a cautionary tale. To back door or not to back […]
December 4, 2014

Finding your external IP address

As I carry out a significant amount of OSInt work I often bump into the problem of needing to enumerate IP addresses.  This can include knowing […]
March 7, 2014

Recreating files from the Volatility MFT parser

I was teaching RAM analysis at the Swedish Police Academy this week, which included a segment on parsing out the MFT.  This is an extraordinary capability […]
November 2, 2013

Mapping Corporate infrastructure with Open Source data

Whilst teaching my recent OSI course we had spent a good deal of time mapping the online infrastructure of a company using Maltego.  The footprinting ‘machines’ […]
August 29, 2013

Extracting recent contacts from OSX Mail

Having spent the best part of the last decade working on Live Forensic techniques I’ve begun to turn my attention to OSX.  I’m an unashamed MacHead […]
June 5, 2013


Download This tool stems from the need to extract unencrypted Skype chat from a RAM dump. Its a bit old now and needs some work but […]
June 5, 2013

ivMeta – iPhone Metadata

Download ivMeta is a tool designed to extract useful forensic metadata from iPhone video.  It was written by Robin Wood from (Top pen tester) in response to […]
May 29, 2013

iPhone Video Metadata

First question, if you start a sentence with the word iPhone should you captialise the ‘I’, answers on a postcard please. Second question came from a […]