Windows Forensics Analysis — Tools And Resources

With the amount of information and artifacts that one needs to collect and sift through when doing forensic analysis, it can get quite difficult to make sense of it all.

Fortunately, many tools and resources are at our disposal that can make this process a little bit easier.

Network Analysis Tools

Registry Analysis Tools

RDP Cache Analysis Tools

Recycle Bin Analysis Tools

“$” Files Analysis Tools

Logs Analysis Tools

Processes And Memory Analysis Tools

Disk And File Analysis Tools

Browsers Analysis Tools

Frameworks, Toolkits and VMs


Resources / Getting Started

I’ll be updating this list constantly so please look forward to it.

Thanks for reading. Please feel free to send me any suggestions or comments on Twitter @nas_bench.



I write about #ThreatHunting #WindowsInternals #Malware #DFIR and occasionally #Python.

Nasreddine Bencherchali
