Open navigation menu

Scribd

0% found this document useful (0 votes)

13 views

Screenshare

Uploaded by

geertgreveling123

Copyright

© © All Rights Reserved

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

13 views

Screenshare

Uploaded by

geertgreveling123

Copyright

© © All Rights Reserved

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

You are on page 1/ 2

C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Recent

C:\Users\%username%\AppData\Local\CrashDumps

Powershell ISE - (Get-PSReadlineOption).HistorySavePath - Open text file

Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
AppCompatFlags\Compatibility Assistant\Store

Save to txt - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\

FileExts - Search process hacker (for dlls injected)

C:\$Recycle.Bin

Look in latest.log for chat logs

Check launcher_accounts.json in .minecraft for alts

Process Hacker

explorer.exe - pcaclient

explorer.exe - file:/// * {"displayText"

explorer.exe - \users\ - .exe / .jar

SearchIndexer - file:c / .exe

Check browser - download

Check last activity viewer

echo.ac/sgrm and follow instructions there

csrss - :\

Cdpu - ,"platform":"x_exe_path"},

Pcasvc - .exe or e,0a000000,Reason,00002100

DPS - !! - .exe / downloads

CMD (run as admin)

fsutil usn readjournal c: csv > AllTheJournal.txt

fsutil usn readjournal c: csv | findstr /i /C:.exe >> client.txt

fsutil usn readjournal c: csv | findstr /i /C:".pf" | findstr /i /C:"0x80000200" >

%userprofile%\Desktop\Deleted-PF.txt

fsutil usn readjournal c: csv | findstr /i /c:.exe | findstr /i /c:0x80000200 >>

DeletedExes.txt

fsutil usn deleteJournal /D C:

fsutil usn queryJournal c:

fsutil usn createJournal m=2147483648 a=1 C:

You might also like

Digital Forensics: Investigating NIST Data Leakage Case
No ratings yet
Digital Forensics: Investigating NIST Data Leakage Case
140 pages
Windows - Forensics Building Lab and Essential Investigation
No ratings yet
Windows - Forensics Building Lab and Essential Investigation
238 pages
Windows Forensics 1660231684
100% (1)
Windows Forensics 1660231684
19 pages
ScreenSharing Guide -Remorsefull
No ratings yet
ScreenSharing Guide -Remorsefull
5 pages
Xset 1
No ratings yet
Xset 1
6 pages
SS Guide _ by Specially
No ratings yet
SS Guide _ by Specially
11 pages
List of Window Artifacts
No ratings yet
List of Window Artifacts
19 pages
SS Guide
No ratings yet
SS Guide
3 pages
SpybotSD Results
No ratings yet
SpybotSD Results
103 pages
DFIR
No ratings yet
DFIR
52 pages
windows forensic
No ratings yet
windows forensic
24 pages
Inspiring Powershell Articles
From Everand
Inspiring Powershell Articles
Murat Yildirimoglu
No ratings yet
Practical Windows Forensics - Cheat Sheet
No ratings yet
Practical Windows Forensics - Cheat Sheet
4 pages
At Destroyer
No ratings yet
At Destroyer
6 pages
156 Useful Run Commands in Windows
100% (6)
156 Useful Run Commands in Windows
6 pages
This Is The Fastest Way To Hunt Windows Endpoints PDF
No ratings yet
This Is The Fastest Way To Hunt Windows Endpoints PDF
31 pages
UsbFix Report
No ratings yet
UsbFix Report
3 pages
Handle All
No ratings yet
Handle All
90 pages
UsbFix Report
No ratings yet
UsbFix Report
9 pages
Post Exploit
No ratings yet
Post Exploit
22 pages
Windows Forensics
No ratings yet
Windows Forensics
1 page
To Access Run Command
No ratings yet
To Access Run Command
5 pages
Lang Translation IDs (Controls Only)
No ratings yet
Lang Translation IDs (Controls Only)
16 pages
NW Shell
No ratings yet
NW Shell
5 pages
To Access Run Command
No ratings yet
To Access Run Command
4 pages
Upload
No ratings yet
Upload
926 pages
Antivirus Cheat Sheet
No ratings yet
Antivirus Cheat Sheet
2 pages
UsbFix Report
No ratings yet
UsbFix Report
3 pages
Virusi - )
No ratings yet
Virusi - )
3 pages
1.2.5. Estructura Organizacional para Operar El Programa.
No ratings yet
1.2.5. Estructura Organizacional para Operar El Programa.
39 pages
To Access Run Command
No ratings yet
To Access Run Command
4 pages
Run Commands
No ratings yet
Run Commands
7 pages
UsbFix Report
No ratings yet
UsbFix Report
22 pages
174 Run Commands For Windows XP
0% (1)
174 Run Commands For Windows XP
6 pages
Run Commands Shortcuts
No ratings yet
Run Commands Shortcuts
5 pages
Mindmap - Advanced - Evidence - Execution
No ratings yet
Mindmap - Advanced - Evidence - Execution
1 page
Actionable DFIR: High Level System Analysis To Get Answers Fast
100% (2)
Actionable DFIR: High Level System Analysis To Get Answers Fast
21 pages
Run Command
No ratings yet
Run Command
5 pages
Process
No ratings yet
Process
7 pages
ZHP Diag
No ratings yet
ZHP Diag
41 pages
test (2)
No ratings yet
test (2)
53 pages
Lista de Comandos de La Shell de Windows
No ratings yet
Lista de Comandos de La Shell de Windows
19 pages
Browse Fast in Windows.. Best 112 Run Commands
No ratings yet
Browse Fast in Windows.. Best 112 Run Commands
13 pages
Lab 7 Capturing and Examining The Registry (15 PTS.)
No ratings yet
Lab 7 Capturing and Examining The Registry (15 PTS.)
8 pages
The Mac Terminal Reference and Scripting Primer
From Everand
The Mac Terminal Reference and Scripting Primer
Jay Docherty
4.5/5 (3)
DFIR - Windows Artifacts
No ratings yet
DFIR - Windows Artifacts
30 pages
156 Useful Run Commands: Careers@arydigital - TV
No ratings yet
156 Useful Run Commands: Careers@arydigital - TV
3 pages
XP Run Commands
No ratings yet
XP Run Commands
10 pages
XP Run Commands
100% (2)
XP Run Commands
10 pages
RUN Commands
No ratings yet
RUN Commands
2 pages
Stringhe_By_Event_Deleted
No ratings yet
Stringhe_By_Event_Deleted
4 pages
How To Avoid The Spying of EEUU & Other Practical Solutions Computing (Protect PC, Interner Security AutoHackin
No ratings yet
How To Avoid The Spying of EEUU & Other Practical Solutions Computing (Protect PC, Interner Security AutoHackin
31 pages
Malware Assignment 126
No ratings yet
Malware Assignment 126
6 pages
To Access . Run Command: (If Installed)
No ratings yet
To Access . Run Command: (If Installed)
6 pages
NoSQL Injection for Elasticsearch
From Everand
NoSQL Injection for Elasticsearch
Gary Drocella
No ratings yet
Build your own Blockchain: Make your own blockchain and trading bot on your pc
From Everand
Build your own Blockchain: Make your own blockchain and trading bot on your pc
Magelan Cybersecurity
No ratings yet
Footprinting, Reconnaissance, Scanning and Enumeration Techniques of Computer Networks
From Everand
Footprinting, Reconnaissance, Scanning and Enumeration Techniques of Computer Networks
Dr. Hidaia Mahmood Alassouli
No ratings yet
20 Windows Tools Every SysAdmin Should Know
From Everand
20 Windows Tools Every SysAdmin Should Know
padmin
5/5 (2)
Linux Commands By Example
From Everand
Linux Commands By Example
Khaled Jamal
4.5/5 (3)
Linux Services Deployment
From Everand
Linux Services Deployment
Fabian Mestre
No ratings yet

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Alternative Proxies:

Alternative Proxy