Intro to Windows Forensics: Windows Registry Artifacts - TryHackMe Walkthrough
TryHackMe recently released a room dedicated to Windows Forensics! We do a walkthrough of the TryHackMe WindowsForensics1 room and learn all about the Windows Registry in digital investigations. This room covers Windows Registry Hive locations, software tools used for investigation, Windows Registry artifacts, and their meanings.
Learn to analyze UserAssist, MRUs, ShellBags, external devices, and so much more.
Thank you to our Members and Patrons, but especially to our Investigators TheRantingGeek and Roman! Thank you so much!
Sign up for the room free here to follow along: tryhackme.com/room/windowsfor...
00:00 TryHackMe WindowsForensics
00:19 Open TryHackMe Windows Forensics room
00:35 Introduction to Windows Forensics
02:34 Windows Registry and Forensics
06:31 Exploring Windows Registry
08:30 System Information and System Accounts
14:17 Usage or knowledge of files/folders
17:48 Evidence of Execution
20:56 External Devices/USB device forensics
24:42 Hands-on Challenge
32:08 Conclusion
I had a lot of fun with this room. I hope you did too! Let me know if you would like to see more digital forensic walkthroughs, and don't forget to subscribe!
🚀 Full Digital Forensic Courses → learn.dfir.science
Links:
* TryHackMe Windows Forensics Room: tryhackme.com/room/windowsfor...
Related book:
* Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry (amzn.to/3fEyW6y)
#TryHackMe #Windows #Forensics #Registry #Walkthrough
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Please link back to the original video. If you want to use this video for commercial purposes, please contact us first. We would love to see what you are doing.
Comments: 39
I'm a 32-year-old switching careers and finishing my degree in Crim. Justice/Digital Forensics... your videos are amazing. While school gives a nice overview of the scholarly side, KZread can't be beat for working on practical application. Keep it up and thanks so much for the videos!
@DFIRScience
2 years ago
Thanks so much for the kind words. I appreciate it!
This video is great!!! The additional information you add is priceless. Well spoken and very enthralling. Hats off to you, sir.
@DFIRScience
2 years ago
Glad you liked it!
I had my first forensic lecture this week and found your channel. Trying to learn some more basics. Thanks for your videos!
@DFIRScience
2 years ago
Awesome! I hope you enjoy forensics as much as I do. Let me know if you have any questions.
Awesome! As an eCTHPv2 certified and huge fan of forensics, I love this. Keep going :)
@DFIRScience
2 years ago
Thanks a lot!
Liked & subbed. Such a great detailed breakdown, thanks man.
For some reason my PC stopped booting, not even to safe mode. The blue screen says bad_system_config_info. I tried all available online solutions, and probably broke the registry more after realising that Microsoft no longer backed up the hives to the regback folder. I had to learn in depth about the entire thing to figure out how I could tackle the issue, and here I am enjoying your video!
I'm learning this skill for my business.
Great video!! I would love to see you do a whole series on the Windows Registry.
@DFIRScience
2 years ago
That's a great idea. I'll try to get it done soon!
Thanks a lot, it was VERY helpful! Please keep going, I'm your biggest fan!
@DFIRScience
2 years ago
Thank you so much! I'll be releasing the next THM walkthrough soon!
Love all of your content, thanks so much for uploading. Digital forensics is so niche it’s really cool to see a great channel covering various aspects and areas of DF. How did you first get started in DF?
@DFIRScience
2 years ago
I was working IT for a hotel, and someone used the hotel computers for some bad stuff. I "did an investigation" on the computers. Looking back, the investigation was not forensically sound at all, but after that I was hooked! haha!
@eyyTonyyy
2 years ago
@DFIRScience That’s really cool. DF is just such an interesting discipline of computers. Definitely not for the faint of heart. Keep up the great work!
Very good video explaining "how to introduce" to windows forensics :)
@DFIRScience
2 years ago
Thanks! The next THM digital forensics walkthrough will be out soon.
Fantasticsomento!
Great video!
@DFIRScience
2 years ago
Thanks a lot!
Should do a video applying all this cyber security knowledge to different security breach cases. Think a video series breaking down the registry editor by examples of file manipulations to look out for would be interesting and useful. Sure you have a lot of experience by the overwhelming collection of videos you have lol
Thanks for this. I was stuck on this last problem, but now it's solved. Again, thanks bro.
@DFIRScience
2 years ago
Happy to help! :D
Thank you!
@DFIRScience
2 years ago
You're welcome! And thank you!
Over my head, but interesting
Hi, thanks for your video. Do you have part 2 of Windows Forensics? Because I'm stuck. Thanks.
@DFIRScience
2 years ago
I'm working on it. I hope to have it out soon!
More digital forensics videos would be greatly appreciated.
@DFIRScience
2 years ago
You got it.
Need windows forensics 2
@DFIRScience
2 years ago
It's on my list! Should be done soon.
Can you do Tryhackme Windows Forensics 2?
@DFIRScience
2 years ago
Working on it! I'll release it soon!
Keep going please. Your voice is like AI, I hope it's your voice :/