Black Bag Training Team continues Windows Forensic Essentials Blog Series with a post about forensic examination of Windows Event Logs. They explain what event logs are, how to parse it with their tool – BlackLightÂź, discuss log-on events and changing the date and time.
-
Memory Acquisition and Virtual Secure Mode
Jason Hale has published a post about the impact of VBS on memory acqusition. With Windows… -
CCF-VM 2.1 has been released
CyLR CDQR Forensics Virtual Machine (CCF-VM) by Alan Orlikoski has been updated to version… -
Scanning Memory with Yara
Memory analysis has been successfully utilized to detect malware in many high profile case…
Load More Related Articles
-
Memory Acquisition and Virtual Secure Mode
Jason Hale has published a post about the impact of VBS on memory acqusition. With Windows… -
Finding the Serial Number of a Mac from Disk Image
Yogesh Khatri has published a very useful post – he shows how to find the serial num… -
Android Recovery Acquisitions with Magnet AXIOM
In this post Jamie McQuaid from Magnet Forensics shows how to create Android physical imag…
Load More In How To
