Digital forensics and incident response
This journal documents my progress and learnings from different TryHackMe rooms. Each entry contains key takeaways, commonly used commands, and practical applications. My experience with TryHackMe has enhanced my understanding of Linux and Windows fundamentals, network protocols, incident handling, and log analysis.
Handbook of Windows forensic artifacts across multiple Windows versions, with interpretation tips and some examples. Work in progress!
Gives you the list of storage devices that have been connected to your Windows machine
When conducting an investigation on a Windows machine, there are 8 phases to go through. Today we’ll discuss the first, ‘Collecting Volatile Information’, and the rest will be explained in future topics
Hands-on projects for beginners to learn and practice Windows forensics and essential cybersecurity skills
Python module for forensic analysis of Windows shortcuts (LNK files). You can install this package using pip install lnkanalyser
Tools and Techniques for Digital Forensics and Incident Response
Command Spy is a utility for monitoring the command line arguments of new processes on Windows. Made for CCDC.
ExeSpy is a cross-platform PE viewer for EXE and DLL files
Cross-platform registry browser for raw Windows registry files