Digital Forensics Types & Challenges

Types of Digital Forensics

Three types of digital forensics are:

1. Disk Forensics:-

It deals with extracting data from storage media by searching active, modified, or deleted files.

2. Network Forensics:-

It is a sub-branch of digital forensics. It is related to monitoring and analysis of computer network traffic to collect important information and legal evidence.

3. Wireless Forensics:-

It is a division of network forensics. The main aim of wireless forensics is to offers the tools need to collect and analyze the data from wireless network traffic.

4. Database Forensics:-

It is a branch of digital forensics relating to the study and examination of databases and their related metadata.

5. Malware Forensics:-

This branch deals with the identification of malicious code, to study their payload, viruses, worms, etc.

6. Email Forensics:-

Deals with recovery and analysis of emails, including deleted emails, calendars, and contacts.

7. Memory Forensics:-

It deals with collecting data from system memory (system registers, cache, RAM) in raw form and then carving the data from Raw dump.

8. Mobile Phone Forensics:-

It mainly deals with the examination and analysis of mobile devices. It helps to retrieve phone and SIM contacts, call logs, incoming, and outgoing SMS/MMS, Audio, videos, etc.


Challenges faced by Digital Forensics

Here, are major challenges faced by the Digital Forensic:

  • The increase of PC’s and extensive use of internet access
  • Easy availability of hacking tools
  • Lack of physical evidence makes prosecution difficult.
  • The large amount of storage space into Terabytes that makes this investigation job difficult.
  • Any technological changes require an upgrade or changes to solutions.

Advantages of Digital forensics
Here, are pros/benefits of Digital forensics
  • To ensure the integrity of the computer system.
  • To produce evidence in the court, which can lead to the punishment of the culprit.
  • It helps the companies to capture important information if their computer systems or networks are compromised.
  • Efficiently tracks down cybercriminals from anywhere in the world.
  • Helps to protect the organization’s money and valuable time.
  • Allows to extract, process, and interpret the factual evidence, so it proves the cybercriminal action’s in the court.
Disadvantages of Digital Forensics
Here, are major cos/ drawbacks of using Digital Forensic
  • Digital evidence accepted into court. However, it is must be proved that there is no tampering
  • Producing electronic records and storing them is an extremely costly affair
  • Legal practitioners must have extensive computer knowledge
  • Need to produce authentic and convincing evidence
  • If the tool used for digital forensic is not according to specified standards, then in the court of law, the evidence can be disapproved by justice.
  • Lack of technical knowledge by the investigating officer might not offer the desired result

Comments

Post a Comment

Popular posts from this blog

OSINT Tool in Termux

Image
The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn't be able to get from just looking at their profile The information includes: [ profile ] : user id, followers / following, number of uploads, profile img URL, business enum, external URL, joined Recently, etc [ tags & mentions ] : most used hashtags and mentioned accounts [ email ] : if any email is used any where it'll be displayed [ posts ] : accessability caption, location, timestamp, caption, picture url, etc ( yet not working correctly with posts instagram marks as 'sensitive cotent' ) How To Install apt update && upgrade -y Pkg install git pkg install python3 git clone https://github.com/th3unkn0n/osi.ig.git && cd osi.ig python3 -m pip install -r requirements.txt Usage python3 main.py -u username
Read more

Colt Telecom Hit by WarLock Ransomware: SharePoint Zero Day Used for Mass Data Theft

Image
  What Happened On August 12, 2025 , Colt Technology Services—a UK-based telecom giant—experienced a cyberattack that disrupted several internal support services, impacting systems like Colt Online, porting, and Voice API platforms, while core network services remained unaffected. Who Claimed Responsibility A threat actor using the handle "cnkjasdfgd," claiming to represent the WarLock ransomware group , offered 1 million stolen documents for US$200,000 , providing sample files to prove their legitimacy. Made Possible By The attackers exploited a critical zero-day vulnerability in on-premises Microsoft SharePoint (CVE‑2025‑53770), which was publicly patched on July 21, 2025. Technical Breakdown (“ToolShell” Exploit Chain) Attackers used a sophisticated exploit chain now dubbed ToolShell , involving multiple steps: 1. Initial Access – Bypassing Authentication A crafted HTTP POST to the /_layouts/15/ToolPane.aspx endpoint with a spoofed Referer header (/_layo...
Read more

Active Directory Ransomware Attacks

Image
    Organizations worldwide use Active Directory (AD) as their primary identity service , which makes it a top target for ransomware attacks . This article explains how adversaries exploit Active Directory during ransomware attacks and provides strategies and tools for defending against this modern menace. The two phases of a ransomware attack A common misconception about ransomware attacks is that they are quick: Someone opens an infected email attachment or inserts an infected USB device , and within minutes data across the network is encrypted and a ransom demand is displayed on every screen . The reality is quite different. Ransomware attacks today tend to be quite sophisticated and methodical . To encrypt as much sensitive information as possible and therefore maximize the chances of receiving a high payout , attackers proceed in two phases: Find an entry point — The first step is to gain a foothold in the victim organization ’s network . One common strategy is to comp...
Read more