Cyber Forensics

The Forensic team utilizes the most upgraded technological solutions to retrieve, search and examine large and multiple data sets. This enables our clients to collect information that can be further to make use of address litigation issues, investigations, regulatory and financial crime necessities.

Cyber forensics arrives in where all your security violates and cyber-crime happened or a crime happened and found suspect digital devices related to the crime. Not all cybercrimes are processed through a virus or phishing. Cases like employee in an organization theft trade secret and sold to the competitor company or used a digital device for a physical attack are also common. Cyber forensics will help to prove the digital device user’s connection with the crime.



Malware is a threat to every single computer user, re-gardless of their level of usage and skill proficiency. Recentnews as in, showed the danger of a malware, where aconvicted murder got a retrial after his court transcript wasdeleted by a computer virus. In the malware detection process, there are two analysistypes; those are static and dynamic analysis.

  • Static analysis, includes “the process ofevaluating an executable based on its form, structure, andcontent, without actually executing the program”. Simplysaid, static analysis is where the malware researchers ana-lyzed the malware without actually executing them. One ofthe strengths of static analysis is that it reduces the risk ofharming the analyst’s computing host.

  • Dynamic analysis, in the other hands, is where the mal-ware analysts execute the malware in a safe, emulated en-vironment which emulates the real computing environmentso that the real activities and behaviors of the malware canbe monitored.

  • Static analysis is a safe way to analyzed a malware, andfor this purpose, pi-ngaji is tool to make the analysis faster.In certain conditions, static analysis provides useful informa-tions faster than dynamic analysis which needs the malwareto be uploaded or executed in the sandbox. Although withsome limitations, it could at least analyze an unknown binarywhether or not it falls into suspicious class of software ornot because it does not depend on the malware signature,instead the malicious features that the malware has


Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection. Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information.

  • Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents.

  • The term, attributed to firewall expert Marcus Ranum, is borrowed from the legal and criminology fields where forensics pertains to the investigation of crimes.

  • Network forensics can be generally defined as a science of discovering and retrieving evidential information in a networked environment about a crime in such a way as to make it admissible in court.

  • The investigation of a cyber-crime often involves cases related to homeland security, corporate espionage, child pornography, traditional crime assisted by computer and network technology, employee monitoring, or medical records, where privacy plays an important role.


The goal of computer forensics is to do a structured investigation and find out exactly what happened in a digital system and who was responsible for it. There are many tools that are used in the process of examining digital evidence and evaluating system security.

  • Well, web application hackers don’t schedule their movements – and they certainly don’t use tools and attacks, that are easily spotted or investigated. Names such as: Cross Site Scripting, Poison Null Byte and SQL Injection are just the tip of the iceberg in a new war front.

  • IT professionals are used to monitoring network traffic, using network sniffers and stateof-the-art intrusion detection systems which analyze bizarre network behavior and watch patterns of weird packets considered as network attacks. Many companies also install tripwires and honey pots to catch hackers who are trying to hack in through defected telnet daemons, or FTP servers. But most people are overlooking what happens on the WWW and do not understand the traffic reaching the web application