Posts
Mairi's Constant
Cancel

Dissecting the AD1 File Format

Foreword This article will be covering my personal exploration and dissection of the proprietary AccessData image format known as the AccessData Logial Image. This format is also referred to as AD...

Exploring IEEE 754 Arithmetic

Foreword This article will be covering the interesting arithmetic involved in the conversion of a hexadecimal value into an IEEE 754 (Floating-Point) value, in the context of computing. Additional...

Forensic BASH Scripting: LNK Parsing

Forensic BASH script: lnkparser Observation Recently, while probing a Windows image file in my spare time, I came across a plethora of user-generated Windows shortcut files, also known as LNK fil...

Extracting Alternate Data Streams with Linux

Foreword This article will be covering a feature of the NTFS file system known as the Alternate Data Stream (ADS), focusing on how to properly identify and extract these data streams from an NTFS ...

Forensic Acquisition with DD Tools

Foreword This article will be focusing on the usage of the Linux tool dd in the forensic imaging process, along with several tools that have been derived from it. In addition to briefly covering t...