Intro to Windows Forensics - Windows Registry Artifacts
Offered By: DFIRScience via YouTube
Course Description
Overview
Dive into a comprehensive walkthrough of TryHackMe's Windows Forensics room, focusing on Windows Registry artifacts in digital investigations. Explore Windows Registry Hive locations, software tools for investigation, and the significance of various Windows Registry artifacts. Learn to analyze UserAssist, MRUs, ShellBags, external devices, and more. Follow along with the step-by-step guide covering introduction to Windows forensics, Windows Registry and its role in forensics, exploring the Registry, system information and accounts, file and folder usage evidence, execution traces, and USB device forensics. Conclude with a hands-on challenge to apply your newly acquired knowledge. Gain valuable insights into digital forensic techniques and enhance your skills in Windows-based investigations.
Syllabus
TryHackMe WindowsForensics
Open TryHackMe Windows Forensics room
Introduction to Windows Forensics
Windows Registry and Forensics
Exploring Windows Registry
System Information and System Accounts
Usage or knowledge of files/folders
Evidence of Execution
External Devices/USB device forensics
Hands-on Challenge
Conclusion
Taught by
DFIRScience
Related Courses
Foundations of Computer Science for TeachersThe University of Texas at Austin via edX Computer Forensics
Rochester Institute of Technology via edX FinTech Security and Regulation (RegTech)
The Hong Kong University of Science and Technology via Coursera Cyber Security
CEC via Swayam Fundamentos de Ciberseguridad: un enfoque práctico
Inter-American Development Bank via edX