Description

Accept emails from <no-reply@zoom.us> to get your personalized registration link. 

Windows Search Index: The Forensic artifact you have been searching for

Presenter: Phalgun Kulkarni, DFIR Consultant at Stroz Friedberg

Bio: Phalgun is a DFIR consultant at Stroz Friedberg and holds GX-FA certificate.  He works on threat hunts and cases ranging from unauthorized access to ransomware. Phalgun is immensely passionate about Digital Forensics and Incident Response with an immense interest in Malware and Memory analysis by researching artifacts from Windows operating systems and Linux distributions for Forensic evidence and comparing the value from various sources of hardware.

Description: This presentation will focus on a not so famous but a generous Windows artifact, Windows Search Index, and how it can enhance your investigations by providing information about historical as well as current files and folders, user activity, and internet browsing activity. The presentation will also showcase an open source tool to parse the information.