Introduction to Plaso Heimdall


As a continuation of the “Introduction to Windows Forensics” series by Richard Davis, this video introduces Plaso and Log2Timeline. Log2Timeline is designed to extract forensic data from a computer system and aggregate it for analysis, and Plaso is the Python-based backend engine that powers the tool.

You’ll take a look at the major changes in Plaso Heimdall (20170930), and see the minor changes incorporated in version 20171118. Then, you’ll jump over to a Linux system and create a timeline for a Windows 10 image. Lastly, you’ll analyze the resulting Excel spreadsheet created by the tool and look at the wealth of information available to an examiner. If you’re new to forensic timelines, or are curious about Plaso Heimdall, you’ll quickly learn why the “super timelines” created by these tools are a critical asset to modern-day forensics.
