archive
Tag: Memory Forensics

2016/10/10

Most Recent Used (MRU) Peek-A-Book

In this post, we will cover some cool ways to review the Most Recent Used (MRU) keys from the Windows registry. The goal of the article is to show how these keys can be useful, explain how to review them using RegRipper, and provide a means to review these keys directly from a memory image[…]

2014/09/08

Foremost Automator Script

by Destruct_Icon
Categories: Analysis, Coding, Host Forensics, Python
Tags: , ,
Comments: Leave a Comment

Formost Automator Script A small project that we were working on involved using Foremost as an automated triage tool to run in the background as we were performing other analysis during incidents. The Foremost Automator Script was birthed from this project. If you are not familiar with Foremost, please check out our previous post at[…]


Today is Monday
2017/10/23