What is Windows Forensic Analysis?
Windows Forensic Analysis focuses on 2 things:
- In-depth analysis of Windows Operating System.
- Analysis of Windows System Artifacts.
Windows artifacts are the objects which hold information about the activities that are performed by the Windows user. The type of information and the location of the artifact varies from one operating system to another. Windows artifacts contain sensitive information that is collected and analyzed at the time of forensic analysis.
Windows Forensic Analysis
When doing Windows Forensic Analysis, it can be quite overwhelming to see the large amount of data that one needs to collect, assuming you know what you are looking for. In case you don’t know what are you looking for, the entire process becomes twice as hard.
In this article we will be discussing following topics:
- What is Windows Forensic Analysis?
- What are Forensic Artifacts?
- Top Open-Source Tools for Windows Forensic Analysis