Skip to main content

Windows Shell Items Analysis

 

Windows 10 shell items are metadata files that hold details about various objects in the Windows operating system, including shortcuts, files, and folders. These items are invaluable for forensic investigations because they provide insights into the location and usage of these objects.

To perform shell item forensics on Windows 10, you can use forensic tools such as Autopsy, EnCase, or Belkasoft Evidence Center, which are capable of extracting and analyzing shell item metadata. Additionally, manual analysis of shell items is possible using the Windows Shellbags parser, a tool that extracts and interprets the binary data stored in shell item files.. read more...

Comments

Post a Comment

Popular posts from this blog

Debugging Perl

The standard Perl distribution comes with a debugger, although it's really just another Perl program, perl5db.pl. Since it is just a program, I can use it as the basis for writing my own debuggers to suit my needs, or I can use the interface perl5db.pl provides to configure its actions. That's just the beginning, though. read more...
Post a Comment
Read more

Perl wlan-ui

wlan-ui.pl is a program to connect to wireless networks. It can be run as a GUI which will offer a list of available networks to connect to.nstallation is simple and inelegant. Copy the program file (wlan-ui.pl) to a directory on your path. Next, create a new system configuration file to reflect your system. The system configuration file is different from the options configuration file (@configfile, above). The system configuration file tells the program how to configure the wireless interface, and the options configuration file sets defaults for access points and other things.
Post a Comment
Read more

Reducing NumPy memory usage with lossless compression.

If you’re running into memory issues because your NumPy arrays are too large, one of the basic approaches to reducing memory usage is compression. By changing how you represent your data, you can reduce memory usage and shrink your array’s footprint—often without changing the bulk of your code. In this article we’ll cover:     * Reducing memory usage via smaller dtypes.     * Sparse arrays.     * Some situations where these solutions won’t work.
Post a Comment
Read more