Black Bag Training Team continues Windows Forensic Essentials Blog Series with a post about forensic examination of Windows Event Logs. They explain what event logs are, how to parse it with their tool – BlackLightÂź, discuss log-on events and changing the date and time.
-
Epochalypse: Utility to Convert Epoch Timestamps
Epochalypse utility by Pasquale Stirparo has been updated. Now it supports APFS timestamps… -
Forensic Analytics for Acquiring and Preserving Reliable Data from Cloud Hypervisors
Cloud computing is this decade’s major computing advancement. Many business enterpri… -
Using the Office 365 Activities API to Investigate Business Email Compromises
Business email compromises (BECs) are a big problem across a multitude of industries. Just…
Load More Related Articles
-
Linux Binary Poisoning Detection
In this post guys from Sandfly Security describe the process of detection poisoned Linux b… -
Malicious PowerShell in the Registry: Persistence
Mari DeGrazia continues her series of blogs about detecting and analysis of malicious Powe… -
Parsing APFS with Magnet AXIOM
Despite the fact APFS isn’t currently supported by AXIOM, the author of “The S…
Load More In How To
