Windows Forensics
MFT
MFT Analysis - Master File Table Forensics Guide The $MFT, or Master File Table, plays a crucial role in the NTFS (New Technology File System) …
Prefetch
Windows Prefetch Analysis - Digital Forensics Execution Tracking Windows Prefetch is a feature in the Windows operating system that was first …
Registry- UserAssist
UserAssist Registry Analysis - Windows Program Execution Tracking UserAssist is a feature of the Windows operating system that keeps track of the …
SysInternals Tools Registry Forensics
SysInternals Tools - Registry Forensics and Analysis What is SysInternals? SysInternals is a suite of advanced system utilities for Microsoft Windows …