Practical Windows Forensics

Data CollectionExaminationDisk Analysis IntroductionUser Behavior Overview of disk structures, partitions and file systemsFinding Evidence of Deleted Files with USN Journal AnalysisAnalyzing Evidence of Program ExecutionFinding Evidence of Persistence MechanismsUncover Malicious Activity with Windows Event Log AnalysisWindows Memory Forensic Analysis
PreviousPowershell Scripting FundamentalsNextData Collection