SlideShare a Scribd company logo

Windows forensic artifacts

n|u - The Open Security Community
n|u - The Open Security Community

This document summarizes Windows forensic artifacts and tools that can be used for forensic investigations. It discusses the steps of a forensic investigation, rules to follow, common Windows artifacts like event logs and browser artifacts, and tools that can extract user details and system activity from a disk image or memory dump. Examples of artifacts that can be examined without tools include mounted devices, USB storage details, task manager history, event logs and system files.

Technology
1 of 13
Windows Forensic Artifacts http://null.co.in/ http://nullcon.net/ Pardhasaradhi.ch a.k.a babloo 09762310104 [email_address]
http://null.co.in/ http://nullcon.net/ Agenda Introduction Steps of forensics investigation Rules of Forensics investigations Terminology Windows Artifacts Browser artifacts Tools which can be used Evidence gathering Without Tools
http://null.co.in/ http://nullcon.net/ Introduction to Forensics ,[object Object],[object Object],[object Object]
http://null.co.in/ http://nullcon.net/ Steps of Forensics
http://null.co.in/ http://nullcon.net/ Rules of Forensics investigation ,[object Object],[object Object],[object Object],[object Object]
http://null.co.in/ http://nullcon.net/ Terminology C ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
http://null.co.in/ http://nullcon.net/ Windows Artifacts ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
http://null.co.in/ http://nullcon.net/ Browser artifacts in Windows Default auto bookmarks location for Firefox C:sers.....ppDataoamingozillairefoxrofiles,,,.default Default location Saved Passwords C:sers..ppDataoamingozillairefoxrofiles6jq0hlt.defaultey3.db C:sers..ppDataoamingozillairefoxrofiles6jq0hlt.defaultignons.Sqllite
http://null.co.in/ http://nullcon.net/ Using a Dump File We can get User details System Activity Almost every thing using third party tools
http://null.co.in/ http://nullcon.net/ Tools Can be used FTK Encase DFF ADDONS Parbens Stegosuite Volatility TZwork sbag
http://null.co.in/ http://nullcon.net/ Without tools How can we extract the data ? USB devices :: HKLMystemontrolset00xnumSBSTOR what Information can be found Vendor ID, Product ID, Revision, Device ID / Serial Number Mounted Devices HKLMystemounted Devices What information can be found This key views each drive connected to the system 
http://null.co.in/ http://nullcon.net/ Task manager Event logs Network and performance monitor Task scheduler Windows Update history System files MAC table Commands in cli / Powershell Computer management Regedit Msconfig Prefetch
Thank You Pardhasaradhi.ch 09762310104 www.pardhasaradhi.info [email_address]

Recommended

Windowsforensics
WindowsforensicsWindowsforensics
WindowsforensicsSantosh Khadsare
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensics
primeteacher32
 
Mobile Forensics
Mobile Forensics Mobile Forensics
Mobile Forensics
abdullah roomi
 
Operating System Forensics
Operating System ForensicsOperating System Forensics
Operating System Forensics
ArunJS5
 
Network forensic
Network forensicNetwork forensic
Network forensic
Manjushree Mashal
 
Digital forensic tools
Digital forensic toolsDigital forensic tools
Digital forensic tools
Parsons Corporation
 
Cloud-forensics
Cloud-forensicsCloud-forensics
Cloud-forensics
anupriti
 
Forensics of a Windows System
Forensics of a Windows SystemForensics of a Windows System
Forensics of a Windows SystemConferencias FIST
 

Recommended

Windowsforensics
WindowsforensicsWindowsforensics
WindowsforensicsSantosh Khadsare
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensics
primeteacher32
 
Mobile Forensics
Mobile Forensics Mobile Forensics
Mobile Forensics
abdullah roomi
 
Operating System Forensics
Operating System ForensicsOperating System Forensics
Operating System Forensics
ArunJS5
 
Network forensic
Network forensicNetwork forensic
Network forensic
Manjushree Mashal
 
Digital forensic tools
Digital forensic toolsDigital forensic tools
Digital forensic tools
Parsons Corporation
 
Cloud-forensics
Cloud-forensicsCloud-forensics
Cloud-forensics
anupriti
 
Forensics of a Windows System
Forensics of a Windows SystemForensics of a Windows System
Forensics of a Windows SystemConferencias FIST
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
Vidoushi B-Somrah
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics Overview
Yansi Keim
 
Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidence
Online
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics
sunanditaAnand
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
Priya Manik
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
vishnuv43
 
CNIT 121: 8 Forensic Duplication
CNIT 121: 8 Forensic DuplicationCNIT 121: 8 Forensic Duplication
CNIT 121: 8 Forensic Duplication
Sam Bowne
 
Network Forensics Intro
Network Forensics IntroNetwork Forensics Intro
Network Forensics Intro
Jake K.
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenes
primeteacher32
 
Malware forensics
Malware forensicsMalware forensics
Malware forensics
Sameera Amjad
 
Network forensics1
Network forensics1Network forensics1
Network forensics1Santosh Khadsare
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptx
Bhupeshkumar Nanhe
 
Data recovery
Data recoveryData recovery
Data recoveryMir Majid
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research Challenge
Aung Thu Rha Hein
 
Memory Forensics
Memory ForensicsMemory Forensics
Memory Forensics
n|u - The Open Security Community
 
Malware forensic
Malware forensicMalware forensic
Malware forensic
SumeraHangi
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics pptNikhil Mashruwala
 
Network Forensics
Network ForensicsNetwork Forensics
Network Forensics
primeteacher32
 
Windows 7 forensics -overview-r3
Windows 7 forensics -overview-r3Windows 7 forensics -overview-r3
Windows 7 forensics -overview-r3CTIN
 
Disk forensics
Disk forensicsDisk forensics
Disk forensics
Chiawei Wang
 

More Related Content

What's hot

Digital forensics
Digital forensicsDigital forensics
Digital forensics
Vidoushi B-Somrah
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics Overview
Yansi Keim
 
Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidence
Online
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics
sunanditaAnand
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
Priya Manik
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
vishnuv43
 
CNIT 121: 8 Forensic Duplication
CNIT 121: 8 Forensic DuplicationCNIT 121: 8 Forensic Duplication
CNIT 121: 8 Forensic Duplication
Sam Bowne
 
Network Forensics Intro
Network Forensics IntroNetwork Forensics Intro
Network Forensics Intro
Jake K.
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenes
primeteacher32
 
Malware forensics
Malware forensicsMalware forensics
Malware forensics
Sameera Amjad
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptx
Bhupeshkumar Nanhe
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research Challenge
Aung Thu Rha Hein
 
Memory Forensics
Memory ForensicsMemory Forensics
Memory Forensics
n|u - The Open Security Community
 
Malware forensic
Malware forensicMalware forensic
Malware forensic
SumeraHangi
 
Network Forensics
Network ForensicsNetwork Forensics
Network Forensics
primeteacher32
 

What's hot (20)

Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics Overview
 
Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidence
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
 
CNIT 121: 8 Forensic Duplication
CNIT 121: 8 Forensic DuplicationCNIT 121: 8 Forensic Duplication
CNIT 121: 8 Forensic Duplication
 
Network Forensics Intro
Network Forensics IntroNetwork Forensics Intro
Network Forensics Intro
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenes
 
Malware forensics
Malware forensicsMalware forensics
Malware forensics
 
Network forensics1
Network forensics1Network forensics1
Network forensics1
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptx
 
Data recovery
Data recoveryData recovery
Data recovery
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research Challenge
 
Memory Forensics
Memory ForensicsMemory Forensics
Memory Forensics
 
Malware forensic
Malware forensicMalware forensic
Malware forensic
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
 
Network Forensics
Network ForensicsNetwork Forensics
Network Forensics
 

Viewers also liked

Windows 7 forensics -overview-r3
Windows 7 forensics -overview-r3Windows 7 forensics -overview-r3
Windows 7 forensics -overview-r3CTIN
 
Disk forensics
Disk forensicsDisk forensics
Disk forensics
Chiawei Wang
 
Introduction to memory forensics
Introduction to memory forensicsIntroduction to memory forensics
Introduction to memory forensics
Marco Alamanni
 
Computer forensic 101 - OWASP Khartoum
Computer forensic 101 - OWASP KhartoumComputer forensic 101 - OWASP Khartoum
Computer forensic 101 - OWASP Khartoum
OWASP Khartoum
 
Windows logging cheat sheet
Windows logging cheat sheetWindows logging cheat sheet
Windows logging cheat sheet
Michael Gough
 
Vista Forensics
Vista ForensicsVista Forensics
Vista ForensicsCTIN
 
Mounting virtual hard drives
Mounting virtual hard drivesMounting virtual hard drives
Mounting virtual hard drivesCTIN
 
Capturing forensics image
Capturing forensics imageCapturing forensics image
Capturing forensics image
Chris Harrington
 
Open Source Forensics
Open Source ForensicsOpen Source Forensics
Open Source ForensicsCTIN
 
Registry forensics
Registry forensicsRegistry forensics
Registry forensics
Prince Boonlia
 
Become an Internet Sleuth!
Become an Internet Sleuth!Become an Internet Sleuth!
Become an Internet Sleuth!
Nearpod
 
Windows 10 Forensics: OS Evidentiary Artefacts
Windows 10 Forensics: OS Evidentiary ArtefactsWindows 10 Forensics: OS Evidentiary Artefacts
Windows 10 Forensics: OS Evidentiary Artefacts
Brent Muir
 
Forensic Anaysis on Twitter
Forensic Anaysis on TwitterForensic Anaysis on Twitter
Forensic Anaysis on Twitter
Yansi Keim
 
Raidprep
RaidprepRaidprep
RaidprepCTIN
 
Part6 Private Sector Concerns
Part6 Private Sector ConcernsPart6 Private Sector Concerns
Part6 Private Sector ConcernsCTIN
 
Computer Forensics & Windows Registry
Computer Forensics & Windows RegistryComputer Forensics & Windows Registry
Computer Forensics & Windows Registrysomutripathi
 
File system
File systemFile system
File system
Harleen Johal
 
Using and Developing with Open Source Digital Forensics Software in Digital A...
Using and Developing with Open Source Digital Forensics Software in Digital A...Using and Developing with Open Source Digital Forensics Software in Digital A...
Using and Developing with Open Source Digital Forensics Software in Digital A...
Mark Matienzo
 
Digital forensic upload
Digital forensic uploadDigital forensic upload
Digital forensic upload
Setia Juli Irzal Ismail
 

Viewers also liked (20)

Windows 7 forensics -overview-r3
Windows 7 forensics -overview-r3Windows 7 forensics -overview-r3
Windows 7 forensics -overview-r3
 
Disk forensics
Disk forensicsDisk forensics
Disk forensics
 
Introduction to memory forensics
Introduction to memory forensicsIntroduction to memory forensics
Introduction to memory forensics
 
Computer forensic 101 - OWASP Khartoum
Computer forensic 101 - OWASP KhartoumComputer forensic 101 - OWASP Khartoum
Computer forensic 101 - OWASP Khartoum
 
Windows logging cheat sheet
Windows logging cheat sheetWindows logging cheat sheet
Windows logging cheat sheet
 
Vista Forensics
Vista ForensicsVista Forensics
Vista Forensics
 
Mounting virtual hard drives
Mounting virtual hard drivesMounting virtual hard drives
Mounting virtual hard drives
 
Capturing forensics image
Capturing forensics imageCapturing forensics image
Capturing forensics image
 
Open Source Forensics
Open Source ForensicsOpen Source Forensics
Open Source Forensics
 
Registry forensics
Registry forensicsRegistry forensics
Registry forensics
 
Become an Internet Sleuth!
Become an Internet Sleuth!Become an Internet Sleuth!
Become an Internet Sleuth!
 
Windows 10 Forensics: OS Evidentiary Artefacts
Windows 10 Forensics: OS Evidentiary ArtefactsWindows 10 Forensics: OS Evidentiary Artefacts
Windows 10 Forensics: OS Evidentiary Artefacts
 
Forensic Anaysis on Twitter
Forensic Anaysis on TwitterForensic Anaysis on Twitter
Forensic Anaysis on Twitter
 
Raidprep
RaidprepRaidprep
Raidprep
 
Part6 Private Sector Concerns
Part6 Private Sector ConcernsPart6 Private Sector Concerns
Part6 Private Sector Concerns
 
Computer Forensics & Windows Registry
Computer Forensics & Windows RegistryComputer Forensics & Windows Registry
Computer Forensics & Windows Registry
 
File system
File systemFile system
File system
 
Using and Developing with Open Source Digital Forensics Software in Digital A...
Using and Developing with Open Source Digital Forensics Software in Digital A...Using and Developing with Open Source Digital Forensics Software in Digital A...
Using and Developing with Open Source Digital Forensics Software in Digital A...
 
Digital forensic upload
Digital forensic uploadDigital forensic upload
Digital forensic upload
 
Linux forensics
Linux forensicsLinux forensics
Linux forensics
 

Similar to Windows forensic artifacts

2010 2013 sandro suffert memory forensics introdutory work shop - public
2010 2013 sandro suffert memory forensics introdutory work shop - public2010 2013 sandro suffert memory forensics introdutory work shop - public
2010 2013 sandro suffert memory forensics introdutory work shop - public
Sandro Suffert
 
Anti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifactsAnti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifacts
gaurang17
 
nullcon 2011 - Penetration Testing a Biometric System
nullcon 2011 - Penetration Testing a Biometric Systemnullcon 2011 - Penetration Testing a Biometric System
nullcon 2011 - Penetration Testing a Biometric System
n|u - The Open Security Community
 
Windows Threat Hunting
Windows Threat HuntingWindows Threat Hunting
Windows Threat Hunting
GIBIN JOHN
 
Laporan Praktikum Keamanan Siber - Tugas 2 -Kelas C - Kelompok 3.pdf
Laporan Praktikum Keamanan Siber - Tugas 2 -Kelas C - Kelompok 3.pdfLaporan Praktikum Keamanan Siber - Tugas 2 -Kelas C - Kelompok 3.pdf
Laporan Praktikum Keamanan Siber - Tugas 2 -Kelas C - Kelompok 3.pdf
IGedeArieYogantaraSu
 
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009ClubHack
 
Basic malware analysis
Basic malware analysis Basic malware analysis
Basic malware analysis
Cysinfo Cyber Security Community
 
Introduction to Forensics and Steganography by Pardhasaradhi C
Introduction to Forensics and Steganography by Pardhasaradhi CIntroduction to Forensics and Steganography by Pardhasaradhi C
Introduction to Forensics and Steganography by Pardhasaradhi C
n|u - The Open Security Community
 
CCleaner and case studies in Cyber Security
CCleaner and case studies in Cyber SecurityCCleaner and case studies in Cyber Security
CCleaner and case studies in Cyber Security
kartikaVashisht
 
5 howtomitigate
5 howtomitigate5 howtomitigate
5 howtomitigatericharddxd
 
Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
Reversing & Malware Analysis Training Part 9 - Advanced Malware AnalysisReversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
securityxploded
 
Cyber&digital forensics report
Cyber&digital forensics reportCyber&digital forensics report
Cyber&digital forensics reportyash sawarkar
 
Infocyte - Digital Forensics and Incident Response (DFIR) Training Session
Infocyte - Digital Forensics and Incident Response (DFIR) Training SessionInfocyte - Digital Forensics and Incident Response (DFIR) Training Session
Infocyte - Digital Forensics and Incident Response (DFIR) Training Session
Infocyte
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
deaneal
 
computerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfcomputerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdf
Gnanavi2
 
Lab Deliverable for Lab nYour NameDateTitle Creating, Using, Remo.docx
Lab Deliverable for Lab nYour NameDateTitle Creating, Using, Remo.docxLab Deliverable for Lab nYour NameDateTitle Creating, Using, Remo.docx
Lab Deliverable for Lab nYour NameDateTitle Creating, Using, Remo.docx
DIPESH30
 
Ccleaner
CcleanerCcleaner
Ccleaner
Muhammad Faqih
 

Similar to Windows forensic artifacts (20)

2010 2013 sandro suffert memory forensics introdutory work shop - public
2010 2013 sandro suffert memory forensics introdutory work shop - public2010 2013 sandro suffert memory forensics introdutory work shop - public
2010 2013 sandro suffert memory forensics introdutory work shop - public
 
Anti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifactsAnti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifacts
 
nullcon 2011 - Penetration Testing a Biometric System
nullcon 2011 - Penetration Testing a Biometric Systemnullcon 2011 - Penetration Testing a Biometric System
nullcon 2011 - Penetration Testing a Biometric System
 
Windows Threat Hunting
Windows Threat HuntingWindows Threat Hunting
Windows Threat Hunting
 
Laporan Praktikum Keamanan Siber - Tugas 2 -Kelas C - Kelompok 3.pdf
Laporan Praktikum Keamanan Siber - Tugas 2 -Kelas C - Kelompok 3.pdfLaporan Praktikum Keamanan Siber - Tugas 2 -Kelas C - Kelompok 3.pdf
Laporan Praktikum Keamanan Siber - Tugas 2 -Kelas C - Kelompok 3.pdf
 
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
 
Basic malware analysis
Basic malware analysis Basic malware analysis
Basic malware analysis
 
Introduction to Forensics and Steganography by Pardhasaradhi C
Introduction to Forensics and Steganography by Pardhasaradhi CIntroduction to Forensics and Steganography by Pardhasaradhi C
Introduction to Forensics and Steganography by Pardhasaradhi C
 
intro to forensics
intro to forensicsintro to forensics
intro to forensics
 
CCleaner and case studies in Cyber Security
CCleaner and case studies in Cyber SecurityCCleaner and case studies in Cyber Security
CCleaner and case studies in Cyber Security
 
5 howtomitigate
5 howtomitigate5 howtomitigate
5 howtomitigate
 
Final viva
Final vivaFinal viva
Final viva
 
Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
Reversing & Malware Analysis Training Part 9 - Advanced Malware AnalysisReversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
 
Cyber&digital forensics report
Cyber&digital forensics reportCyber&digital forensics report
Cyber&digital forensics report
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
 
Infocyte - Digital Forensics and Incident Response (DFIR) Training Session
Infocyte - Digital Forensics and Incident Response (DFIR) Training SessionInfocyte - Digital Forensics and Incident Response (DFIR) Training Session
Infocyte - Digital Forensics and Incident Response (DFIR) Training Session
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
computerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfcomputerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdf
 
Lab Deliverable for Lab nYour NameDateTitle Creating, Using, Remo.docx
Lab Deliverable for Lab nYour NameDateTitle Creating, Using, Remo.docxLab Deliverable for Lab nYour NameDateTitle Creating, Using, Remo.docx
Lab Deliverable for Lab nYour NameDateTitle Creating, Using, Remo.docx
 
Ccleaner
CcleanerCcleaner
Ccleaner
 

More from n|u - The Open Security Community

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
n|u - The Open Security Community
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
n|u - The Open Security Community
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
n|u - The Open Security Community
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
n|u - The Open Security Community
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
n|u - The Open Security Community
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
n|u - The Open Security Community
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
n|u - The Open Security Community
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
n|u - The Open Security Community
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
n|u - The Open Security Community
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
n|u - The Open Security Community
 
Cloud security
Cloud security Cloud security
Cloud security
n|u - The Open Security Community
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
n|u - The Open Security Community
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
n|u - The Open Security Community
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
n|u - The Open Security Community
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
n|u - The Open Security Community
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
n|u - The Open Security Community
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
n|u - The Open Security Community
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
n|u - The Open Security Community
 

More from n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Recently uploaded

Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
Abida Shariff
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 

Recently uploaded (20)

Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 

Windows forensic artifacts