Explore >> Select a destination


You are here

www.micah.soy
www.binaryspiral.com
3.5 parsecs away

This evening I got an urgent email from a colleague that just got the rug pulled out from under him. His customer decided that the two web servers on the front end of a SharePoint farm he was build...
countuponsecurity.com
4.7 parsecs away

Following our last article about the Prefetch artifacts we will now move into the Windows Registry. When conducting incident response and digital forensics on Windows operating systems one of the sources of evidence that is normally part of every investigation is the Windows Registry. The Windows Registry is an important component of the OS and...
functionallyparanoid.com
4.8 parsecs away

Many of the long-time readers of this blog are going to probably have a panic attack when they read this article because they are going to be asking themselves the question, "Why in the heck does he want to install Active Directory in his life?" The reason, like so many answers to so many of
www.khyrenz.com
17.5 parsecs away

Let me start by saying that, yes: many tools already exist to parse information out of the Windows Registry and/or the Event Log. However, while I was conducting my own tool validation processes (see https://github.com/khyrenz/tool_validation), I realised that very few tools parse this information out and automatically populate the kind of table that I would be adding into my forensic report. So... I did a bit of R&D, and I present to you a Python script that does just that; creatively named pars