Windows Registry Forensics (WRF) with Volatility Framework is a quick-start guide for beginners. Registry forensics is becoming an essential and useful task in digital forensics as well as incident response. When a system is infected and compromised by attacks or viruses, the investigator needs to perform analysis and forensic investigation on that particular system. Through this book I am going to demonstrate forensic analysis using memory dumps.
This book covers some great forensic topics with practical demonstrations:
1) Introduction to tools for forensics
2) Basics of Memory Image (Dumped)
3) Windows Registry Basics and Structure
4) Hardware Analysis
5) Hash Dumping and Analysis
6) LSA Secrets Dumping and Analysis
7) Shellbags Analysis
8) UserAssist Analysis
9) Shimcache Analysis
10) Most Recently Used (MRU)