Actively looking roles in cybersecurity. If you have a reference or a job opportunity, your support would mean the world to me!
NTFS Journaling(Different Artifact like $I30, $MFT, $LogFile, $UsnJrnl)
Pages Count
8 Pages
Links for the courses
Overview $LogFile, $UsnJrnl
Understanding NTFS Journaling ($LogFile,$UsnJrnl) : A Goldmine Investigators : Click Me
Making Sense of $UsnJrnl and $LogFile : Journal Analysis is a Game Changer : Click Me
Parsing $J
Understanding the $UsnJrnl, $J and How to Parse and analyze It : Click Me
Parsing $LogFile
Breaking Down the $LogFile and How to Use LogFileParser : Click Me
Parsing $MFT
Collecting, Parsing, Analyzing the $MFTÂ Â Â Â Â Â Â Â Â Â Â Â : Click Me
$MFT Parser, MFTECmd-MFTexplorer: A Forensic Guide : Click Me
Parsing $I30
Understanding, Collecting, Parsing the $I30Â Â Â Â Â Â Â Â Â : Click Me
​
------------------------------------------------------------------------------------------------------------
Tracing Reused $MFT Entries Paths : Recovering Deleted File Paths Forensically with CyberCX UsnJrnl Rewind : Click Me
------------------------------------------------------------------------------------------------------------
         Overview of NTFS File System: Click Me
Your Instructor
Dean
