About

Switch to the IOC page.

ForensicArtifacts.com was built to become a repository for useful information forensic examiners may need to reference during the course of their analysis. Requests for artifacts of system files, programs, and malware are very common to see on computer forensic mailing lists and forums. This site strives to take the place of those requests and become a one-stop shop when it comes to forensic artifacts.

This site was designed for the digital forensic community, but it also relies on the community to become stronger. Please consider submitting any artifacts you have documented that may be of use to other examiners. As an added incentive,  Rob Lee and SANS have graciously offered up a SANS Lethal Forensicator Coin for anyone submitting six or more artifacts or IOCs in any given year. For more details on this, please read here.

Unless otherwise specified at the bottom of the each post, the artifacts have not been tested and verified by Forensic Artifact volunteers. If you would like to volunteer to help QA the artifacts, please let us know.

There is a very dedicated group of volunteers that help to run this site. If you get the chance, please thank them for helping to create a resource that benefits their fellow forensic examiners.

Forensic Artifact staff of volunteers include:

Site Administration: Matt Churchill
Editor, Artifacts: Frank McClain
Editor, Artifacts: Joe Garcia
Editor, IOCs: Keith Gilbert

QA Team:
Michael Matonis

Significant Contributers:
Evernote page sync: Mark McKinnon
Hal Pomeranz