Windows Events log for IR/Forensics

Basil from the SANS ISC InfoSec Forums posted a nice overview of the most important Windows Event Logs from a digital forensics point of view. In his next diary he promises to show some examples of how to use PowerShell to search the Windows Events of a compromised system. Stay tuned!
