Info

Digital Forensic Survival Podcast

Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.
RSS Feed
Digital Forensic Survival Podcast
2022
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February


All Episodes
Archives
Now displaying: Page 1
Mar 29, 2022
This week is a back to basics episode where I am going to cover Windows shellbags. This is a core Windows artifact that gets included in pretty much most every file use and knowledge investigation or any investigation where you’re looking to tie a specific account to directory access activity. Like most Windows artifacts you must know how user interaction affects the artifact in order to properly interpreted it as evidence. You must also be aware of any caveats or pitfalls that may affect your evidence. Spoiler alert, there is a huge one associated with Windows shellbags that I’ll cover at the end of the episode-it’s nothing new but if you’re unfamiliar with it you definitely need to know about it.
0 Comments
Adding comments is not available at this time.