In the realm of cyber security, the word forensics already sounds cool. So what is it? Is Cyber Security, hard to learn? It depends on how do you define it.
For me, I believe that Cyber Security itself is only a tip of a iceberg, it can branch out into different subjects. Today, we are talking about Digital Forensics.
Forensics is basically an electric evidence, digital forensics is evidence found on a digital device. So, what does that mean? For instance, you are accessing google.com. When you initiate the request to google.com, google know you; who is requesting, where is the request from or even what device is requesting. A digital footprint is left on the table for investigator to track, the process of finding you based on the digital footprint, is digital forensics.
Why do we perform digital forensics? Put in a simple term; So, when you are caught, there are evidences that you were liable for the such crime.
How investigator find evidences? Most of the cellphone's photo includes a lot information of the photo, for photographers, they want to know the apertures, the shutter speed, the ISO, and etc. For investigator who wanted to know about where was this photo taken, if the photo wasn't properly secured, the investigator can it.
A investigator can find it, that means black-hat hacker can also find it. So, what a black-hat hacker can do is use that photo's data and track down where is the photo taken, then utilize the information gathered to dive in deeper.
This is just a part of mobile phone forensics, there are Malware forensics, Database forensics and more...
How to retrieve data from a photo? On a PC, you can going into the the JPG file and click on properties, and you will be able to see all the metadata, and the same with MacOS users. To get an example for a How-To.
I started to expose to offensive cyber security, and I started with digital forensics in particular was cellphone photos, I wanted to find more information about a target, so I started to use photos of the target. Because I knew the target was impersonating someone else. I was leveraging OSINT, do you know OSINT? OSINT stands for Open Source Intelligence, and it is based on digital forensics analysis cycle. I will write more on what is OSINT, on my next blog posts. I hope that you find my content useful and helpful. If you like it, please consider donate me some coffee fund. If not, still donate me some coffee fund.