Unveiling System Secrets with WinPmem (memory acquisition tool)
A Dive into Windows Hibernation Files
Unleashing the Power of EvtxECmd: Windows Event Log Analysis
Amcache.hiv Analysis: Tool --> Registry Explorer
Shimcache/Amcache Analysis: Tool --> AppCompatCacheParser.exe/AmcacheParser.exe
Forensic Collection of Execution Evidence through AppCompatCache (Shimcache)/Amcache.hiv
Prefetch Analysis: Tool --> PECmd.exe
Forensic Collection of Execution Evidence through Prefetch Analysis
Post 6: Credential Theft: Understanding and Securing NTDS.DIT
Post 5: Credential Theft: Understanding and Securing Tickets
Post 4: Credential Theft: Understanding and Securing LSA Secrets
Post 3: Credential Theft: Understanding and Securing Cached Domain
Post 2: Credential Theft: Understanding and Securing Tokens
Post 1: Credential Theft: Understanding and Securing Hashes
Exploring Credential Theft Techniques and Defense: Upcoming Topics
Part 4 - (Persistence) DLL Persistence Attacks: Navigating Windows Vulnerabilities
Part 3 - (Persistence) Windows Persistence: A Deep Dive into Scheduled Tasks
Part 2 - (Persistence) Windows Services: A Stealthy Avenue for Persistence
Part 1 - (Persistence): The Labyrinth of Autorun Locations in Windows
Exploring Malware Persistence: Upcoming Topics