In this video walkthrough, we covered the second part of Windows OS forensics where we demonstrated gathering artifacts from the file system. We covered extracting artifacts by recovering deleted data, examining and parsing prefetch files, Windows 10 timeline, jump lists, shortcuts and USB devices. We used forensics tools such as Autopsy and Eric Zimmerman's tools. This was part of the Cyber Defense pathway.
******
Receive Cyber Security Field, Certifications Notes and Special Training Videos
https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ/join
******
Writeup
https://motasem-notes.net/windows-forensics-p2-the-file-system-tryhackme-cyber-defense/
TryHackMe Windows Forensics Part 2
https://tryhackme.com/room/windowsforensics2
********
Patreon
https://www.patreon.com/motasemhamdan?fan_landing=true
Instagram
https://www.instagram.com/dev.stuxnet/
Twitter
https://twitter.com/ManMotasem
Facebook
https://www.facebook.com/motasemhamdantty/
LinkedIn
[1]: https://www.linkedin.com/in/motasem-hamdan-7673289b/
[2]: https://www.linkedin.com/in/motasem-eldad-ha-bb42481b2/
Website
https://www.motasem-notes.net
Backup channel
https://www.youtube.com/channel/UCF2AfcPUjr7r8cYuMvyRTTQ
My Movie channel:
https://www.youtube.com/channel/UCilElKPoXEaAfMf0bgH2pzA
******