One Article Review
| Source |  SANS Institute |
|---|---|
| Identifiant | 7585500 |
| Date de publication | 2022-10-20 14:08:02 (vue: 2022-10-20 15:05:40) |
| Titre | Forensic Value of Prefetch, (Thu, Oct 20th) |
| Texte | [This is a guest diary submitted by Logan Flook] When a program executes on a Windows system there are many artifacts that are generated which can assist digital forensic investigations. One of particular note is the Windows Prefetch file. Found in C:\Windows\Prefetch by default, prefetch files (.pf) contain a wealth of information that can prove vital to any investigation. |
| Envoyé | Oui |
| Condensat | [this 20th any are artifacts assist c:\windows\prefetch can contain default diary digital executes file files flook] forensic found generated guest information investigation investigations logan many note oct one particular prefetch program prove submitted system thu value vital wealth when which windows |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.