Outer Web | Explore

Explore >> Select a destination

You are here		www.geekrant.org Windows 10 close desktop: default action \| Geek Rant dot org
\|	\|	thinkdfir.com I can see and hear you seeing and hearing me! - ThinkDFIR	9.2 parsecs away Travel
\|	\|	In preparation for an upcoming FOR500 class I thought I would test out one of the recent additions to the class. This post by my colleague Zach shows that Win10 1903 and later has a registry key that will store the full path of any executable that utilises the computers camera or microphone. Zach shows...	9.2 parsecs away Travel
\|	\|	spf13.com Fascinating interview with steve jobs and bill gates \| spf13	13.6 parsecs away Travel
\|	\|		13.6 parsecs away Travel
\|	\|	www.khyrenz.com Updated again! Automated USB artefact parsing from the Registry and Event Log	8.3 parsecs away Travel
\|	\|	Let me start by saying that, yes: many tools already exist to parse information out of the Windows Registry and/or the Event Log. However, while I was conducting my own tool validation processes (see https://github.com/khyrenz/tool_validation), I realised that very few tools parse this information out and automatically populate the kind of table that I would be adding into my forensic report.So... I did a bit of R&D, and I present to you a Python script that does just that; creatively named pars	8.3 parsecs away Travel
\|	\|	adsecurity.org » How Attackers Extract Credentials (Hashes) From LSASS » Active Directory Security	82.3 parsecs away Travel
\|			82.3 parsecs away Travel