Black Bag Training Team continues Windows Forensic Essentials Blog Series with a post about forensic examination of Windows Event Logs. They explain what event logs are, how to parse it with their tool – BlackLight®, discuss log-on events and changing the date and time.
-
Amcache and USB Device Tracking
Jason Hale has published an interesting post on how to use the amcache to track USB device… -
Digital Forensics and Incident Response (DFIR) for ICS Embedded Devices
Chris Sistrunk of Mandiant shows tools and tips on the very new field of DFIR for PLC̵… -
Finding and Decoding Malicious PowerShell Scripts
Mari DeGrazia has published a very useful post, which will help you to learn how to find a…
Load More Related Articles
-
Amcache and USB Device Tracking
Jason Hale has published an interesting post on how to use the amcache to track USB device… -
Finding and Decoding Malicious PowerShell Scripts
Mari DeGrazia has published a very useful post, which will help you to learn how to find a… -
SUMURI’s Free Mac Forensics Guide
SUMURI presented a free step by step Mac forensics guide. You will learn how to obtain sys…
Load More In How To
