Windows Forensic Analysis is constantly progressing. If you have been doing digital forensics for the past few years and haven’t been able to keep your skills up to date, FOR500 Windows Forensic Analysis will bring your skills up to date. Do you know what a shell item is and why it is important to proper windows digital artifact analysis? Have you ever heard of the SRUM database and what it could mean in attempting to track individuals stealing data from your organizations? The latest evidence of execution artifacts such as ShimCache and AmCache registry hive files are critical to proving certain programs are executed. Even more so, Windows operating systems synchronize a lot of the data stored on the OS across multiple devices without you knowing about it. Completely updated through Windows 10 the new FOR500: Windows Forensics course is not an introduction to forensics class but focuses completely on artifacts that will help you solve the most complex investigations.
-
Launching APOLLO: Creating a Simple Tool for Advanced Forensic Analysis
Last week Sarah Edwards attended MacDevOpsYVR in Vancouver, Canada, and had a talk about h… -
Automated Hunting of Memory Resident Malware at Scale
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, imp… -
Detection of Malicious Activities in Internet of Things Environment Based on Binary Visualization and Machine Intelligence
Internet of Things (IoT) devices are increasingly deployed for different purposes such as …
Load More Related Articles
-
-
The Five Most Dangerous New Attack Techniques and How to Counter Them
Which are the most dangerous new attack techniques? How do they work? How can you stop the… -
Visual Analysis with ProcDOT
In the new episode of “Introduction to Malware Analysis” series Richard Davis …
Load More In Videos
