Black Bag Training Team continues Windows Forensic Essentials Blog Series with a post about forensic examination of Windows Event Logs. They explain what event logs are, how to parse it with their tool – BlackLightÂź, discuss log-on events and changing the date and time.
-
Defcon DFIR CTF 2018 Open to the Public
David Cowen has posted Defcon DFIR CTF 2018 images and questions at his blog. It’s t… -
IoT 4n6: The Growing Impact of the Internet of Things on Digital Forensics
Gartner predicts that by 2020 there will be more than 20 billion connected “things,&… -
The Sleuth Kit 4.6.2 and Autopsy 4.8.0 released
The new versions of the Sleuth Kit and Autopsy have been released. You can already downloa…
Load More Related Articles
-
How to Disassemble a Word Document with Embedded Macros
Here is a post by Paul Cimino, in which he goes through the steps to create a macro-embedd… -
Linux Binary Poisoning Detection
In this post guys from Sandfly Security describe the process of detection poisoned Linux b… -
Malicious PowerShell in the Registry: Persistence
Mari DeGrazia continues her series of blogs about detecting and analysis of malicious Powe…
Load More In How To
