Black Bag Training Team continues Windows Forensic Essentials Blog Series with a post about forensic examination of Windows Event Logs. They explain what event logs are, how to parse it with their tool – BlackLight®, discuss log-on events and changing the date and time.
-
Launching APOLLO: Creating a Simple Tool for Advanced Forensic Analysis
Last week Sarah Edwards attended MacDevOpsYVR in Vancouver, Canada, and had a talk about h… -
Automated Hunting of Memory Resident Malware at Scale
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, imp… -
Detection of Malicious Activities in Internet of Things Environment Based on Binary Visualization and Machine Intelligence
Internet of Things (IoT) devices are increasingly deployed for different purposes such as …
Load More Related Articles
-
Step by Step Guide to iOS Jailbreaking and Physical Acquisition
Oleg Afonin from Elcomsoft has posted a step by step guide on how to perform jailbreaking … -
Creating a File System Image of iOS12
Apple’s iOS 12 is the latest iteration in their mobile device software. With each it… -
Parsing Carved EVTX Records Using EvtxECmd
Teru Yamazaki has posted about how to extract Windows Event Log files from allocated space…
Load More In How To
