windows forensics – Page 10 – Cyber Forensicator

Books

Digital Forensics and Incident Response

Another DFIR book has been announced by Packt Publishing. It’s “Digital Forensics and Incident Response” b…

Software

Windows Prefetch Carver

Adam Witt has presented a fresh Python script. It’s called Windows Prefetch Carver and, as you already understood…

How To

Exposing Command Line Shells History with PowerShell

Eyal Neemany has published a post on how to use PowerShell to expose command line shells history. He notes that the big…

Tips & Tricks

Windows, now with built in anti forensics!

One of our favorite forensicators – David Cowen, – has published a very interesting post in Hacking Exposed Comp…

News

Join our Telegram DFIR group!

Guys, we have created a Telegram group, where we will do our best to answer all your questions. We will be very happy if you…

Software

Fix acquired EVT files with evtkit

evtkit is a Python tool, which can help a computer forensic examiner to fix acquired Windows Event Log files. It’s lig…

Science

A Novel Method for Windows Phone Forensics

Mobile forensics is a branch of cyber forensics which helps in extracting evidence from mobile devices. A variety of softwar…

Tips & Tricks

Tracking threat actors through .LNK files

In this blog post guys from NVISO Labs answer Harlan Carvey’s question: “Did you parse the LNK file for things s…

Webinars

A Guide to Eric Zimmerman’s command line tools

SANS Instructor and Former FBI Agent Eric Zimmerman has provided several open source command line tools free to the DFIR Com…

Tips & Tricks

Is Fileless Malware Really Fileless?

Travis Smith has published a post about fileless malware on The State of Security. He notes that this type of malware isn…

Tag Archives: windows forensics

Digital Forensics and Incident Response

Windows Prefetch Carver

Exposing Command Line Shells History with PowerShell

Windows, now with built in anti forensics!

Join our Telegram DFIR group!

Fix acquired EVT files with evtkit

A Novel Method for Windows Phone Forensics

Tracking threat actors through .LNK files

A Guide to Eric Zimmerman’s command line tools

Is Fileless Malware Really Fileless?

About Us

Popular Posts

Open Sourcing JA3: SSL/TLS Client Fingerprinting for Malware Detection

Windows Phone Physical Imaging Without JTAG and Chip-off

Cloud Forensics: Analyzing MEGASync

Timeline

Threat Hunting: What it Is, and What it Is Not

Utilities go for launch!

Checkm8 review translation

Looking at Microsoft Teams from a DFIR Perspective

Forensic Walkthrough: QBot Infection

Tag Archives: windows forensics

Follow Us

About Us

Popular Posts

Timeline

Threat Hunting: What it Is, and What it Is Not

Utilities go for launch!

Checkm8 review translation

Looking at Microsoft Teams from a DFIR Perspective

Forensic Walkthrough: QBot Infection