List: Windows Forensics | Curated by Nasreddine Bencherchali | Medium

Nasreddine Bencherchali

Jul 21, 2021

7 stories

4 saves

Windows Forensics

Nasreddine Bencherchali

Forensics Artifacts — Parsing Symantec EDR “localdatastore” LevelDB Files

Extracting gold nuggets collected by SEDR

Feb 25, 2021

Forensics Artifacts — Parsing Symantec EDR “localdatastore” LevelDB Files

Feb 25, 2021

Nasreddine Bencherchali

Finding Forensic Goodness In Obscure Windows Event Logs

Digital Forensics and Threat Hunting for Artifacts In Obscure Windows Event Logs

Feb 20, 2021

Finding Forensic Goodness In Obscure Windows Event Logs

Feb 20, 2021

Nasreddine Bencherchali

Forensics Artifacts — Symantec EDR “localdatastore” Folder

Inside Symantec EDR Logs

Feb 16, 2021

Forensics Artifacts — Symantec EDR “localdatastore” Folder

Feb 16, 2021

Nasreddine Bencherchali

Windows Forensics Analysis — Windows Artifacts (Part II)

A List Of Windows Artifacts To Look For During A Forensics Investigation

Sep 28, 2019

Windows Forensics Analysis — Windows Artifacts (Part II)

Sep 28, 2019

Nasreddine Bencherchali

Web Browsers Forensics

A Guide On Doing Web Browsers Forensic Analysis On Windows.

Sep 19, 2019

Web Browsers Forensics

Sep 19, 2019

Nasreddine Bencherchali

Windows Forensics Analysis — Tools And Resources

A Curated List Of Tools And Resources For Windows Forensics Analysis.

Sep 15, 2019

Windows Forensics Analysis — Tools And Resources

Sep 15, 2019

Nasreddine Bencherchali

Windows Forensics Analysis — Windows Artifacts (Part I)

A List Of Windows Artifacts To Look For During A Forensics Investigation

Sep 14, 2019

Windows Forensics Analysis — Windows Artifacts (Part I)

Sep 14, 2019

Nasreddine Bencherchali

Nasreddine Bencherchali

I write about #Detection, #Sigma and #Windows. Follow https://github.com/nasbench/Misc-Research for interesting Windows tidbits

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams