Windows Forensics Archives

Oxygen Forensics Advances Brute Force, Decryption, and Analysis Capabilities in Latest Release

4th November 2022

Oxygen Forensics, a global leader in digital forensics for law enforcement, federal agencies, and enterprise clients, announced today the release of the latest version of the all-in-one digital forensic solution, Oxygen Forensic® Detective v.15.1. This version offers multiple advancements to … Read more

Uncovering Windows Registry Data and the Latest Mac Artifacts

29th June 2022

Julie O’Shea: Hi, everyone. Thanks for joining today’s webinar: Uncovering Windows Registry Data and the Latest Mac Artifacts. I’m Julie O’Shea and I’m the Product Marketing Manager here at Cellebrite Enterprise Solutions. Before we get started, there are … Read more

Forensic Analysis of ReFS Journaling

15th November 202112th November 2021

Hello, I am Seonho Lee from the Affiliated Institute of ETRI. Today, I talk about the forensic analysis of ReFS Journaling.

Before everything, let me just briefly explain the two key topics of the presentation. I’m going to explain what … Read more

How To Boot Scan A Microsoft Surface Pro

14th May 202014th November 2019

Hi, I’m Rich Frawley, and I’m the Digital Forensic Specialist with ADF Solutions. Today we’re going to conduct a boot scan of a Microsoft Surface Pro with BitLocker activated.

At this point you have decided on a search profile, or … Read more

Finding And Interpreting Windows Firewall Rules

12th May 202015th July 2019

by Joakim Kävrestad

Determining with whom and in what way a computer has communicated can be important and interesting in several types of examinations. Communications can be an important part of analyzing if and how a computer has been remote … Read more

How To Analyze Windows 10 Timeline With Belkasoft Evidence Center

12th May 20209th July 2019

Temporal analysis of events (Timeline) can be beneficial when you want to reconstruct events related to computer incidents, data breaches, or virus attacks taking place on a victim’s computer.

Historically, digital forensic timeline analysis has been broken down into two … Read more

Windows Drive Acquisition

12th May 202019th October 2017

by Oleg Skulkin & Scar de Courcier

Before you can begin analysing evidence from a source, it first of all needs to be imaged. This describes a forensic process in which an exact copy of a drive is made. This … Read more

Windows 10 PE for Digital Forensics

12th May 20206th January 2017

by Robin Brocks, IT Forensic Expert and Incident Responder

Only a few years ago, it was a real pain creating a portable Windows on CD/ DVD or thumb drive, because the Operating System was not prepared to run on those … Read more