Windows Registry Forensics
October 22, 2025
A walkthrough of Windows registry forensic analysis from evidence acquisition to detailed artifact examination, following proper forensic procedures.
Read more →October 22, 2025
A walkthrough of Windows registry forensic analysis from evidence acquisition to detailed artifact examination, following proper forensic procedures.
Read more →October 10, 2025
Step-by-step guide on acquiring memory and disk from a compromised Windows VirtualBox machine for forensic analysis.
Read more →April 11, 2025
In this forensic walkthrough, we dive into a real-world scenario involving an abandoned Dell CPi notebook suspected of being used for wireless hacking activities. Using a multi-part disk image, we uncover traces of hacking tools, analyze usage artifacts, and attempt to link the digital evidence to the alleged hacker known as 'Mr. Evil.' Join me as we explore how digital forensics helps trace the footsteps of a cyber intruder and piece together their digital trail
Read more →February 8, 2025
Acquire the critical skills of evidence preservation, disk imaging, and artefact analysis for use in court.
Read more →February 8, 2025
This memory dump originates from a compromised system. Perform in-depth forensics to explore its internals.
Read more →February 1, 2025
Using Volatility to Perform Memory Forensics and Extract Flags
Read more →January 22, 2025
Step-by-step memory dump analysis using Volatility to investigate a phishing attack involving PowerShell payloads and .lnk file obfuscation.
Read more →