Akash Patel How Windows Knows Your Files Came from the Internet: Alternate Data Streams (Zone.Identifier) Breaking Down the $LogFile and How to Use LogFileParser Tracking Microphone and Camera Usage in Windows (Program Execution: CompatibilityAccessManager) Windows Registry: A Forensic Goldmine for Installed Applications Tracking Trusted Office Documents: A Key to Investigating Macro-Based Malware Brian MaloneyOneDrive Microsoft.FileUsageSync.db […]

Akash Patel File Carving: A Simple and Powerful Way to Recover Deleted Files || String Searching with bstrings… MFTECmd-MFTexplorer: A Forensic Analyst’s Guide Baseline Analysis in Memory Forensics: A Practical Guide Mastering AmcacheParser and appcompatprocessor.py for Amcache.hiv Analysis Brett ShaversThink You Don’t Need WinFE? Wait Until You Do. CellebriteTips and Tricks for Simplifying Your Investigations […]

Akash Patel Box Cloud Storage Forensic Investigations: Logs, Cached Files, and Metadata Analysis Cloud Storage Affect on file Timestamps and collection with KAPE: A Forensic Guide Volume Shadow Copy extraction with KAPE(including data/file recovery) Metadata Investigation(Exiftool): A Powerful Tool in Digital Forensics Remote Collections Artifacts Using KAPE including UNC and Over the Internet(ZeroTier) BelkasoftWindows Forensics: […]

Akash Patel Investigating Google Drive for Desktop: A Forensic Guide Automating Google Drive Forensics: Tools & Techniques Dropbox Forensic Investigations: Logs, Activity Tracking, and External Sharing BelkasoftLessons Learned from the Silk Road Investigation Brian MaloneyOneDrive Offline Mode (Recallish vibes) Christopher Eng at Ogmini CISSP – Study Plan Diving Deep – LevelDB Part 3 CISA IR […]