Memory Analysis Registry Inspector Research Uncategorized

Announcing the BETA release of DAMM

Announcing the BETA release of DAMM, a FOSS memory analysis platform built on top of Volatility. Memory analysis is the new(-ish) big thing in the incident response, malware analysis, and digital forensics space for the moment, and so all the cool kids seem to be doing it. While memory analysis is an incredibly powerful technique, we […]

malware Research Uncategorized

Forensics Tools –

Recently, we had the pleasure of joining David Cowen on several episodes of his weekly show Forensic Lunch. In this particular episode on YouTube, we discussed some of our recent research on discovering previously unknown Windows registry values with embedded timestamp information. As promised, we are releasing our script to the community at large so […]

Presentations Registry Inspector Research

Registry Analysis for Digital Forensics and Incident Response Master Class: NOW LIVE

Digital forensics experts Vico Marziale, Joe T. Sylve, Jerry Stormo of 504ensics, and Andrew Case are instructors in Hacker Academy’s Registry Analysis for Digital Forensics and Incident Response Master Class. The Registry Analysis Master Class is a self-paced course that teaches investigators how to use and understand registry forensics during their own investigations, […]

Conferences Dalvik Inspector Presentations

504ENSICS Recap: What we’ve been up to

Hello from the 504ensics Labs team. We’ve been pretty busy traveling for the last few weeks, so the blog’s been a bit quiet. Now that we’re back we just thought we’d share some of the interesting things we did, saw, and heard. First up was the Open Memory Forensics Workshop (OMFW) near D.C. Joe presented […]


504ENSICS Releases Digital Forensics Tool: SPOTLIGHT INSPECTOR

504ENSICS Labs just released Spotlight Inspector, a free application for computer forensic investigation of Mac OS X computers. Until now, there has never been an effective cross-platform forensics tool for accessing Spotlight internal data from Mac OS X systems – which is where all of the information about files indexed on a computer can be accessed by […]

Conferences Dalvik Inspector Registry Inspector

504ENSICS Labs at Blackhat USA 2013

504ENSICS Labs at Blackhat USA 2013! 504ENSICS Labs Co-Founder Joe Sylve will be demoing our new tool, Dalvik Inspector, at Blackhat Arsenal this summer. Co-Founder Lodovico Marziale will also be demoing the new Registry Inspector tool at the conference. If you’re at the conference, we’d love to see you stop by!