Wednesday, May 02, 2012

Interested in the dirty depths of Windows 8? Check out this 83 page Windows 8 Forensic Guide

Propeller Head Forensics - Download Windows 8 Forensic Guide

"Do you like free stuff? Even better, how about something that might make your job easier? If so, download the Windows 8 Forensic Guide. It contains information on the Windows 8 user interface, Local and Roaming folder artifacts, the Communications App, and a variety of Registry locations. Unless otherwise noted, this is also useful for Windows 7 and Vista. The Windows 8 Forensic Guide has plenty of screen shots and hyperlinks to quickly get you where you need to be within the guide, so check it out!" [Post Leach Level: 100%]

 

image

image

There's some great information in this guide, stuff of interest to any and every Windows 8 spelunker. In using an external forensic tool (FTK and Encase) we can see some stuff that's very locked down if you try it within Windows 8 itself.

(via Forensic Methods - Windows 8 Forensic Guide)

No comments: