As a continuation of the “Introduction to Windows Forensics” series, this video introduces Log Parser. This powerful tool from Microsoft allows forensic examiners to query text-based data such as log files, CSV files, XML files, and numerous other data sources including Active Directory and the Registry. In this video, Richard Davis will show you how Log Parser can allow forensic examiners to query numerous Windows EVTX event logs using SQL syntax:
-
Memory forensics and the Windows Subsystem for Linux
The Windows Subsystem for Linux (WSL) was first included in the Anniversary Update of Micr… -
Breaking Full Disk Encryption
Full Disk Encryption (FDE) may be rather useful as a defense mechanism against potential t… -
How to Put a Qualcomm Phone into EDL Mode
In this post Magnet Forensics talks about Emergency Download (EDL). This is a Qualcomm fea…
Load More Related Articles
-
Payload Distribution Format
As a continuation of the “Introduction to Malware Analysis” series, this video… -
Acquring MediaTek (MTK) Phones with Magnet AXIOM
This video shows how to use Magnet AXIOM to acquire mobile devices using a MediaTek (MTK) … -
Taking Memory Forensics To The Next Level
Here is a talk on memory forensics by Jamie Levy from Lockdown 2018: …
Load More In Videos
