Tag Archives: Windows

Application Analysis Blog 1

What is Application Analysis? Artifacts are a subject of fascination, full of information from their time and location.  An application leaves markers on systems that often go undetected by the user. These digital artifacts are small bits of information, ranging from profile icons to private messages. This information could be a threat, and it’s crucial that […]


Windows Store and Apps Analysis – MUS2019

Windows Store and Apps (APPX) Analysis While attending the Magnet User Summit in Nashville, I had the opportunity to sit in on fascinating talks and labs. One of my favorites was the talk about Universal Windows Apps given by our very own Professor Yogesh Khatri and Jack Farley. As somebody who knew next to nothing […]


Using Memory Forensics Analysis to Guide Your Investigation

Introduction I had the honor of attending the Magnet User Summit 2019 in Nashville on April 1-3. This was my first professional conference as a junior at Champlain College.  It was exciting to be able to correlate the presentations with the knowledge I’ve gathered in my courses. The conference was also a great networking space where I […]


Windows IoT, Vulscan, and Other Problematic Programs

Introduction Last time we touched base, we described our journey into starting our work at the LCDI and our growth as interns, as well as some of the things we learned so far. Today, however, we wanted to touch on a different subject. Many forget that the mistakes, accidents, hiccups, and small failures of any […]


Windows Fall Creator Introduction

Pick Up Where I Left Off: Windows Innovative New Feature Coming Soon? This spring, the Windows Fall Creator team will research a new Microsoft feature coming out over the next few months. The Windows Fall Creator/Redstone 4 update will provide users with the ability to continue right where they left off on other devices, as […]


Application Analysis Update 1

Introduction This project focuses on searching for artifacts left by common desktop applications. We will be analyzing each application within Windows 10. It is the second most popular version of Windows. We began by generating data on virtual machines with the chosen applications. The next step is to use various forensic tools to extract information […]


VMWare Analysis Update 1

Introduction The VMWare Analysis team is researching the differences between a Windows 7 machine and Windows 7 virtual machine (VM) as well as the changes between a Windows 10 machine and VM. The end goal for this project is a quad comparison between both operating system versions and their respective VMs. VMWare/Physical Machines […]


Application Analysis: A Closer Look At Business Apps

Introduction  The Application Analysis team has continued examining the desktop-based web applications for both Mac and PC. We are currently finalizing our tests with Slack and DropBox. They were searching for files that could hold company, user, and file information. While these are only tests in the context of a real world scenario, this info […]


Project Recall: Windows 8 and 10 Forensics – Spring 2015

The Project Recall series will revisit successful and productive projects in the LCDI’s past. Windows 8 and 10 The mission of this project is to discover differences in the artifact locations of Windows 8 and Windows 10. It will also be within the scope of this project to find and discover new artifacts that are […]


Windows 10 Forensics: Conclusion

Windows 10 Forensics: Conclusion by Alex Parsons Results As the current semester comes to an end, so must the Windows 10 project. In the past five months we’ve made significant progress in analyzing core Windows 10 artifacts which will be documented in detail in the incoming Windows LCDI 10 report. Before we release the report, we […]
