Tag Archives: Windows Forensics

July 10, 2019   No comments

TAC – Timeline ActivitiesCache Parser

Microsoft released a Windows 10 update with the capability to show a chronology of actions taken by the user. This new application is called Timeline and is part of Windows Task View. TAC - Timeline ActivitiesCache Parser allows user to

Read More
July 4, 2019   No comments

Rifiuti2 – Windows Recycle Bin Analysis Tool

Rifiuti2 analyse recycle bin files from Windows. Analysis of Windows recycle bin is usually carried out during Windows computer forensics.

Read More
April 29, 2019   No comments

Panorama – Fast Incident Overview

Panorama was made to generate a wide report about Windows systems, support and tested on Windows XP SP2 and up.

Read More
January 3, 2019   No comments

AlternateStreamView – Tool to Investigate ADS File System

AlternateStreamView is a small utility that allows you to scan your NTFS drive, and find all hidden alternate streams stored in the file system.

Read More
December 2, 2018   No comments

CurrProcess – Tool to Display Currently Running Processes

CurrProcess utility is another nirsoft product that you can use among your toolkit for incident response.

Read More