Windows Forensics Analysis — Tools And Resources

Nasreddine Bencherchali
Sep 15, 2019

With the amount of information and artifacts that one needs to collect and sift through when doing forensics analysis, it can get quite difficult to make sense of it all.

Fortunately, many tools and resources are at our disposal that can make this process a little easier.

Network Analysis Tools

Registry Analysis Tools

RDP Cache Analysis Tools

Recycle Bin Analysis Tools

“$” Files Analysis Tools

Logs Analysis Tools

Processes And Memory Analysis Tools

Disk And File Analysis Tools

Browsers Analysis Tools

Frameworks, Toolkits and VMs

Other

Resources / Getting Started

I’ll be updating this list constantly so please look forward to it.

Thanks for reading. Please feel free to send me any suggestions or comments on Twitter @nas_bench

Nasreddine Bencherchali

I write about #Detection and #WindowsInternals. Follow https://github.com/nasbench/Misc-Research for interesting Windows tidbits