Ch 2a: viaForensics -- advancing mobile security
Ch 2b: Teel Technologies - Training
Ch 2c: BKForensics Cell Phone Forensics Training
Ch 2d: X-Ways Computer Forensics Training and Courses
Ch 2e: EnCE Certification Program
Ch 2f: Certifications AccessData
Ch 2g: Paraben - Mobile Forensic Training Certification
Ch 2h: SMART Open-Source Forensics Certification
Ch 2i: The International Society of Forensic Computer Examiners - ISFCE
Ch 2j: HTCN.org
Ch 2k: GIAC Computer Forensics Certifications
Ch 2l: International Association of Computer Investigative Specialists
Ch 2m: Hacking Exposed Computer Forensics Blog
Ch 2n: SANS DFIR Blog
Ch 2o: Windows Incident Response Blog
Ch 2p: Forensics from the sausage factory
Ch 2q: Forensic Focus Blog
Ch 2r: Forensic 4cast Discussing issues relating to digital forensics
Ch 2s: CyberSpeak's Podcast
Ch 2t: Inside the Core - The Mac & Apple Device Forensics Podcast
Ch 2u: HTCIA High Technology Crime Investigation Association
Ch 2v: Association of Certified Fraud Examiners - Fraud Training Education and Certification
Ch 3a: Sample Chain of Custody Form (doc)
Ch 3b: What Has Been Seen Cannot Be Unseen Know Your Meme
Ch 3c: Windows FE: Forensically Sound?
Ch 3d SANS SIFT KitWorkstation: Investigative Forensic Toolkit Download
Ch 3e: DEFT Linux - Computer Forensics live CD
Ch 4a: Internet Explorer History File Format - Index.dat
Ch 4b: TypedURLs Forensic Artifacts
Ch 4c: NIST Computer Forensic Tool Testing Program
Ch 4d: Apple deluged by police demands to decrypt iPhones
Ch 4e: iPhone Unlocking - MacForensicsLab
Ch 4f: Acquiring Forensic Evidence from Infrastructure-as-a-Service Cloud Computing:
Ch 4g: Grabbing Forensic Images from EC2Rackspace
Ch 5a: HardCopy 3P - 1:2 Forensic Hard Drive Duplicator Voom Technologies, Inc.
Ch 5b: SWGDE Forms (link downloads a ZIP Archive)
Ch 5c: SWGDE SOP Template
Ch 5d: SWGDE Best Practices for Computer Forensics
Ch 6a: VMXRay -- look inside virtual hard disks
Ch 6b: VMwares Virtual Disk Development Kit
Ch 6c: SmartMount ASR Data -- Mount forensic images in VMware and run them
Ch 6d: Live View -- Converts a forensic image to a virtual machine
Ch 6f: Learn Forensics with David Cowen - YouTube
Ch 6g: Honeynet Project Challenges The Honeynet Project
Ch 6h: DC3 Cyber Crime Challenges
Ch 6i: DFRWS 2010 Forensics Challenge
Ch 6j: SANS Digital Forensics and Incident Response Challenge
Ch 6k: High School Cyber Forensics Challenge NYU Polytechnic School of Engineering
Ch 6l: Network Forensics Puzzle Contest
Ch 6k: Digital (Computer) Forensics Tool Testing Images
Ch 6l: NIST Computer Forensics Reference Data Sets Images
Ch 7a: Encase Enterprise - Computer Forensics Platform
Ch 7b: Mandiant Memoryze
Ch 7c: mdd -- Open-source memory imaging tool
Ch 7d: MoonSols DumpIt
Ch 7e: FTK Imager Download AccessData
Ch 7f: Link downloads the Fmem tool immediately (Memory imager for Linux)
Ch 7g: Second Look Linux Intrusion Detection and Incident Response
Ch 7h: volatility - An advanced memory forensics framework - Google Project Hosting
Ch 7i: How to get a complete memory dump if Windows 7 crashes
Ch 7j: How to disable and re-enable hibernation on a computer that is running Windows
Ch 7k: Hiberfil Compression
Ch 7l: Sleep and hibernation: frequently asked questions
Ch 8a: Mac Memory Reader
Ch 8b: Unix Tools Included with Mac OS X The Mac Forensic Toolkit
Ch 8c: Apple Examiner Downloads
Ch 8d: Macbook Air Acquisition
Ch 8e: Forensic Imaging, Live Data Acquisition, and Targeted File Collection for Mac, MacBook, MacBook Air, and OS X Server Computers MacQuisition
Ch 8f: How To: Forensically Image a Late 2010 Model A1370 Macbook Air
Ch 8g: Apple Hates Forensicators
Ch 8h: MacMemoryForensics - volatility - Instructions on how access and use the Mac OS X support
Ch 8i: FTK v3 & Macintosh Forensics
Ch 8j: FTK Imager (for OS X) to the Rescue -- Detailed Steps to Acquire a Mac
Ch 8k: Safely and efficiently imaging a MacBook Air
Ch 8l: FTK Version 3 -- Mac OS X Support
Ch 8m: Imaging a Mac Remotely with EnCase
Ch 8o: OSXPmem - pmem - The OSX Pmem memory acquisition tool. - Runs on Mavericks with some complaints
Ch 8p: Enhanced Forensic Access to iPhoneiPadiPod Devices running Apple iOS ($1500)
Ch 8q: SleuthKit Supports HFS+ (Mac)
Ch 8r: The Sleuth Kit and Mac OS X
Ch 9a: Self-encrypting drives: SED the best-kept secret in hard drive encryption security
Ch 9b: Trusted Computing Group - Commonly Asked Questions and Answers on Self-encrypting Drives
Ch 9c: Toshiba Self-Wiping Drive Data Sheet (MKxx61GSYG Series)
Ch 9d: Toshiba to launch self-erasing hard drives
Ch 9e: Encrypted Disk Detector Forensic Methods
Ch 9f: BitLocker: how to image - Forensics Wiki
Ch 9g: Digital Forensics Solutions: Forensic Examination of Pointsec Encrypted Drives
Ch 9h: Cellebrite 30 Day Trial of Physical Analyzer
Ch 9i: Cellebrite - UFED Touch Ultimate
Ch 9j: The CFReDS Project -- Forensic images from NIST, including mobile devices
Ch 9k: Digital Corpora -- Nokia cell phone images
Ch 9l: AccessData: MPE Mobile Phone Forensics
Ch 9m: Paraben - Tabletop StrongHold Tent
Ch 9o: Chip-Off and JTAG Analysis of SSDs
Ch 9p: Chip-off Forensics Training
Ch 9q: Chip-Off Forensic Tools
Ch 9r: What is an impact of SSD on Computer Forensics?
Ch 9s: Windows 7 Artifacts Missing on SSDs
Ch 9t: Why disable SuperFetch on ssd, if RAM is much faster than ssd? - Microsoft Community
Ch 10a: Digital Forensics SIFT'ing: Timelines with log2timeline
Ch 10b: plaso - home of the super timeline
Ch 10c: Google Desktop Search as an Analysis Tool (from 2006)
Ch 11a: 67 of Bosses Say They Have Caught Employees Looking at Porn (Sept 10, 2013)
Ch 11b: index.dat Viewer
Ch 12a: The Terry Childs case: San Francisco is just as guilty (from 2010)
Ch 12b: CCSF Chancellor Suspends Technology Adminstrator, Launches Investigation (from 2012)
Ch 12c: Is CCSF's network safe? The final answer -- A Bug in the System, Part 3 (from 2012)
Ch 12d: Canary trap - Wikipedia
Ch 12e: Kim Kardashian's Fake Baby Photo Plot
Ch 12f: The NBA Used An Espionage Trick Known As "Canary Trap" To Catch Teams Leaking Info To The Media
Ch 13a: Magnet Forensics
Ch 13b: Belkasoft: Digital Evidence Extraction Software for Computer Forensic Investigations
Ch 13c: Digital Detective NetAnalysis
Ch 13d: FTK features to analyze LNK files
Ch 13e: MTP and MSC Devices - Wikipedia
Ch 13f: TZWorks LLC: Forensic Tools
Ch 13g: LNK - Forensics Wiki
Ch 13i: Windows File Analyzer
Ch 13j: Computer Forensic Artifacts: Windows 7 Shellbags SANS Institute
Ch 13k: Shellbags Forensics: Addressing a Misconception (interpretation, step-by-step testing, new findings, and more)
Ch 13l: ShellBagsView - Free!
Ch 13m: ShellBags Explorer -- Recovers Deleted Shellbags
Ch 14a: CCleaner - PC Optimization and Cleaning - Free Download
Ch 14b: ShadowExplorer.com
Ch 14c: Find and remove metadata (hidden information) in your legal documents
Ch 15a: Understand and Control Startup Apps with the System Configuration Utility
Ch 15b: Jotti's malware scan
Ch 15c: VirusTotal - Free Online Virus, Malware and URL Scanner
Ch 15d: ThreatExpert - Automated Threat Analysis
Ch 15e: Fixevt available here, but page unreadable (Ctrl+A helps)
Ch 16a: The Innocence Project: Forensic Science Misconduct
Ch 16b: Who was Fred Zain?
Ch 16c: Fred Zain - Wikipedia
Ch 16d: FBI overstated forensic hair matches in nearly all trials before 2000
Ch 17a: Daubert standard - Wikipedia
Ch 17b: Surprise! Daubert Applies to California Expert Testimony! (Jan. 11, 2013)
Ch 17c: Example Computer Forensic Declaration
Ch 17d: Microsoft\'s seizure of servers and network traffic re: Zeus in March, 2012
iPhone 1: Forensic analysis of iPhone backups
iPhone 2: iPhone iPod Touch Backup Extractor
iPhone 3: iPhone Backup Browser
iPhone 4: iBackupBot - iTunes Backup Manager for iPhone, iPod Touch, iPad
iPhone 5: iPhone Forensics - on iOS 5 (only works for iPhone 3gs, iPhone 4 & iPad1)
iPhone 6: iPhone Forensics -- Analysis of iOS 5 backups : Part 1 - Source of link iPhone 1, with dates and comments
iPhone 7: IPhone Analyzer Free software but only updated to iOS 5
iPhone 8: Processing iPhone Backup Files
iPhone 9: PBA2 - iOS Backup Analyzer
iPhone 10: Forensic Analysis on iOS Devices from SANS -- Demos of tools, WiFi GPS image
iPhone 11: I've Got the iTunes Backup from the iCloud. What Shall I Do Now? -- Good review of many tools
NTFS 1: NTFS System Files
NTFS 2: NTFS. Partition Boot Sector
Registry 1: TypedURLs
Registry 2: UserAssist Didier Stevens
Registry 3: RecentDocs
Registry 4: CurrentControlSet