legal
contact
rss
ID10T's Cyber world
Self study
Defense
Fight against Phase 1
Fight against Phase 2
Fight against Phase 3
Fight against Phase 4
IOC sharing
Find random generatet URL's
APT Simulator to test your capabilities
CyCON 2019
Secure your Microsoft software
Password's
Cyber Threat Intelligence
OSINT Information gathering
Malware analysis
Equation
MISP
Forensic
Mobile phones
Windows machine
Motivation
1st responder actions
Tools
$MFT related
Background Information
Memory
Harddisks
SIFT - Memory Analysis
Xplico action
Windows artefacts
Linux machine
PDF
Tools'n links
MS Word docx
using Autopsy
Bitscout - The Free Remote Digital Forensics Tool Builder
Splunk
Incident response
Attack
ID10T's Security
Security made simple and ID10T proof
You are here:
ID10T's Cyber world
/
Defense
/
Forensic
/
Windows machine
/
$MFT related
/
Background Information
Background Information
Recomendet reading:
Microsoft:
How NTFS Works
Greyscale Reasearch:
NTFS forensics