Windows Forensics


Done (Udemy watched, tools installed and used, conclusions made) is bolded:

1. Prefetch

2. LNK

3. Shellbag

4. Memory

