Miscellaneous Windows 10 Forensic Artifacts

The other night I started looking through my PC for potential forensic artifacts for applications that I use. I was focusing on video game applications but along the way I found some other interesting ones. Below I’ll show the artifacts for each application and explain how it could help in investigations. Visual Studio Code For […]

Read More Miscellaneous Windows 10 Forensic Artifacts

DFIR Scenario #1 Lone Wolf

Introduction This fictional digital investigation scenario examines the disk image and memory of a person’s laptop that was seized. The suspect in question is believed to be planning a mass shooting attack. Our role as the forensic investigator is to find evidence that either supports or disproves this allegation. Acquisition The forensic examiner present during […]

Read More DFIR Scenario #1 Lone Wolf