Propeller Head Forensics - Download Windows 8 Forensic Guide
"Do you like free stuff? Even better, how about something that might make your job easier? If so, download the Windows 8 Forensic Guide. It contains information on the Windows 8 user interface, Local and Roaming folder artifacts, the Communications App, and a variety of Registry locations. Unless otherwise noted, this is also useful for Windows 7 and Vista. The Windows 8 Forensic Guide has plenty of screen shots and hyperlinks to quickly get you where you need to be within the guide, so check it out!" [Post Leach Level: 100%]
There's some great information in this guide, stuff of interest to any and every Windows 8 spelunker. In using an external forensic tool (FTK and Encase) we can see some stuff that's very locked down if you try it within Windows 8 itself.
No comments:
Post a Comment
NOTE: Anonymous Commenting has been turned off for a while... The comment spammers are just killing me...
ALL comments are moderated. I will review every comment before it will appear on the blog.
Your comment WILL NOT APPEAR UNTIL I approve it. This may take some hours...
I reserve, and will use, the right to not approve ANY comment for ANY reason. I will not usually, but if it's off topic, spam (or even close to spam-like), inflammatory, mean, etc, etc, well... then...
Please see my comment policy for more information if you are interested.
Thanks,
Greg
PS. I am proactively moderating comments. Your comment WILL NOT APPEAR UNTIL I approve it. This may take some hours...