Site Glossary

A tool for installing and managing dependencies (pip for Python, apt for Linux packages, npm for Node, PowerShellGet for PowerShell modules). Package managers help automate setup and keep software consistent.

A file format and collection method for recording network packets. While PCAP is more commonly associated with network forensics, it may be used within SIGINT-adjacent collection environments where network traffic is acquired for analysis under appropriate authority.

A parameter is a named input in a function definition; an argument is the actual value passed when calling the function. Clear parameters make scripts configurable and reusable.

The process of reading structured or semi-structured data (JSON, XML, CSV, logs) and turning it into usable program objects (lists, dictionaries, records). Parsing is common in investigations and automation pipelines.

A warrant requirement that the place to be searched and items to be seized be described with specificity. For digital investigations, particularity often includes device identifiers, account identifiers, app/platform names, data categories, and relevant time frames.

A logical division of a physical storage device. Each partition may contain its own file system and operate independently.

The practice of storing password verifiers using specialized KDFs designed to be slow and memory-hard. Good password hashing uses a unique salt per password and may include a server-side pepper to reduce breach impact.

PBKDF2 is a password-based key derivation function that uses repeated hashing (iterations) to slow down brute-force attacks. It is widely supported, but modern best practice often prefers memory-hard functions like Argon2 where available.

A second qualified examiner reviews methods, findings, and reporting for accuracy and completeness. Peer review helps catch errors, confirm conclusions, and strengthen credibility in court by demonstrating disciplined quality controls.

A secret value added to password hashing in addition to a salt. Unlike salts, peppers must be protected (often in an HSM or secure configuration store). Peppers can reduce the value of stolen password hashes if the pepper remains secret.