Computer Forensics and IR - What's New? - Updated Windows Registry and Mac resources & Jad's Software....updated
“…
Registry Quick Find Chart [GD:Click through for the link]- a very recently updated 34-page reference documenting Registry locations for the standard 5 Registry files. The document has a few new columns in the document - one which lists what versions of Windows the reference pertains to (ie: XP, Vista or Win7) and a second column that states when the Registry reference is updated (immediately, when document opened, at logon...) This document would also be great starting reference to initiate further research on Registry locations and extractable artifacts. D/L it....know it....print it and keep it handy!
…”
AccessData - Supplemental Material
A snap from the PDF;
There’s a good bit of information here and something I know I’ll be able to use…
No comments:
Post a Comment
NOTE: Anonymous Commenting has been turned off for a while... The comment spammers are just killing me...
ALL comments are moderated. I will review every comment before it will appear on the blog.
Your comment WILL NOT APPEAR UNTIL I approve it. This may take some hours...
I reserve, and will use, the right to not approve ANY comment for ANY reason. I will not usually, but if it's off topic, spam (or even close to spam-like), inflammatory, mean, etc, etc, well... then...
Please see my comment policy for more information if you are interested.
Thanks,
Greg
PS. I am proactively moderating comments. Your comment WILL NOT APPEAR UNTIL I approve it. This may take some hours...