Archive for June, 2025

What TRIM, DRAT, and DZAT Really Mean for SSD Forensics

June 2nd, 2025 by Oleg Afonin

If you’re doing forensic work today, odds are you’re imaging SSDs, not just spinning hard drives. And SSDs don’t behave like HDDs – especially when it comes to deleted files. One key reason: the TRIM command. TRIM makes SSDs behave different to magnetic hard drives when it comes to recovering deleted evidence. This article breaks down what TRIM actually does, how SSDs respond, and what forensic experts need to know when handling modern storage.

NEWEST ARTICLES

What TRIM, DRAT, and DZAT Really Mean for SSD Forensics

iOS Extraction Tip: Why Start with Recovery Mode?

Why Every Digital Forensics Lab Needs a Good USB Hub

ELCOMSOFT NEWS

iOS Forensic Toolkit 8.70: expanded Apple Watch support and offline agent installation15 May, 2025
Elcomsoft System Recovery 8.34 adds features, enhances disk imaging speed29 April, 2025
Elcomsoft System Recovery 8.33 adds built-in log viewer19 December, 2024
iOS Forensic Toolkit 8.62: bug fixes and performance enhancements22 November, 2024
Elcomsoft Distributed Password Recovery introduces intelligent load balancing, performance optimizations14 November, 2024

PRESS RELEASES

Elcomsoft Unveils Intelligent Load Balancing in Distributed Password Recovery to Maximize Hardware Efficiency14 November, 2024
Elcomsoft Enhances Windows and Linux Edition of its Forensic iOS Extraction Tool9 July, 2024
Elcomsoft Introduces the Linux Edition of its Forensic iOS Extraction Tool30 November, 2023
Elcomsoft Streamlines On-the-Spot Analysis with Bootable Forensic Tools14 July, 2023
Elcomsoft iOS Forensic Toolkit 8.30 adds low-level extraction support to iOS 16 through 16.3.1 on recent Apple devices30 June, 2023