As a continuation of the “Introduction to Windows Forensics” series, this video introduces Log Parser. This powerful tool from Microsoft allows forensic examiners to query text-based data such as log files, CSV files, XML files, and numerous other data sources including Active Directory and the Registry. In this video, Richard Davis will show you how Log Parser can allow forensic examiners to query numerous Windows EVTX event logs using SQL syntax:
-
Autopsy 4.10.0 and the Sleuth kit 4.6.5 have been released
The new versions of the most popular open source DFIR tools, Autopsy and the Sleuth kit, h… -
volatility-wnf: Browse and dump Windows Notification Facilities
This Volatility plugin is based on work of Alex Ionescu and Gabrielle Viala. https://blog.… -
Learning Android Forensics, 2nd Edition has been released
The 2nd edition of Learning Android Forensics by Oleg Skulkin, Donnie Tindal and Rohit Tam…
Load More Related Articles
-
Digital Forensics Tutorials by AccessData
AccessData has published a bunch of videos on its YouTube channel. You’ll learn abou… -
Triage Image Creation
This episode of “Introduction to Windows Forensics” covers triage image creati… -
Load More In Videos
