keks411
commented
2 years ago Created a new branch to test out KAPE and velociraptor and other forensic tools. Will include some in the testing branch
Closed keks411 closed 2 years ago
keks411
commented
2 years ago Created a new branch to test out KAPE and velociraptor and other forensic tools. Will include some in the testing branch
https://velociraptor.velocidex.com/the-windows-usn-journal-f0c55c9010e
Implement FileJournal and then parse it later. Could reveal deleted files such as lsass.zip or whatever