Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Intro to Windows Forensics - Windows Registry Artifacts

DFIRScience via YouTube

Overview

Dive into a comprehensive walkthrough of TryHackMe's Windows Forensics room, focusing on Windows Registry artifacts in digital investigations. Explore Windows Registry Hive locations, software tools for investigation, and the significance of various Windows Registry artifacts. Learn to analyze UserAssist, MRUs, ShellBags, external devices, and more. Follow along with the step-by-step guide covering introduction to Windows forensics, Windows Registry and its role in forensics, exploring the Registry, system information and accounts, file and folder usage evidence, execution traces, and USB device forensics. Conclude with a hands-on challenge to apply your newly acquired knowledge. Gain valuable insights into digital forensic techniques and enhance your skills in Windows-based investigations.

Syllabus

TryHackMe WindowsForensics
Open TryHackMe Windows Forensics room
Introduction to Windows Forensics
Windows Registry and Forensics
Exploring Windows Registry
System Information and System Accounts
Usage or knowledge of files/folders
Evidence of Execution
External Devices/USB device forensics
Hands-on Challenge
Conclusion

Taught by

DFIRScience

Reviews

Start your review of Intro to Windows Forensics - Windows Registry Artifacts

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.