C5W Webinar Series Internal Investigation Windows System Part 1
http://youtube.com/watch?v=kDFdIx2p9aM
In this recorded webinar, we conducted a real-world Windows forensic investigation involving a phishing attack. We covered key forensic techniques, including validating evidence, mounting E01 images, and using powerful tools like Arsenal Image Mounter, KAPE and RegRipper.

Throughout the session, we explored critical Windows artifacts such as Prefetch files, SRUM, UserAssist, and more, demonstrating how to uncover valuable forensic data.

A special shoutout to Mark Spencer, Eric Zimmerman, Harlan Carvey, and Andrew Rathbun for their invaluable contributions to the #dfir community and the tools we used in this investigation.

---

One correction: during the session I mentioned that consent.exe is a legitimate Windows executable used to support programs running from command-line interfaces like Command Prompt (cmd.exe), but I actually mixed that up with conhost.exe. Consent is also a legitimate Windows system process, but it is responsible for managing User Account Control (UAC) prompts.
