Advanced Windows Investigation
Syllabus:
Windows Registry Forensics
ZeroLogon
Gold in Trash - Forensics of Recycle Bin
RDP Cache Investigation
Windows Event Log & Sysmon
Prefetch Files
Windows Credentials Dumping
Windows Privilege Escalation
Filter Captures in Wireshark
Sysinternals - Introduction to Process Monitor (Procmon)
Windows Registry Introduction and Structure
Malicious use of Registry
Recycle Bin Forensics and the Rifiuti2 Tool
Introduction to Prefetch Files
Introduction to Privilege Escalation
Introduction to Windows Credentials and Credentials Dumping
Introduction to Mimikatz
Sysinternals - Introduction to System Monitor (Sysmon)
Skills / Knowledge
- Practice Windows logging research and advanced forensics
- Apply knowledge of Windows Registry analysis
- Detect adversaries attempting to dump credentials to obtain account login and credential material