CategoryForensique

Recover deleted or modified file from shadow copy with shadow explorer Read More

You have lost a critical file : Roll back time with ShadowExplorer

🤖 TL;DR If you save over a file by accident on Windows, and you had System Protection or backups enabled, VSS probably created a shadow copy — a hidden snapshot of your file from earlier. ShadowExplorer gives you an easy, GUI-based way to browse and export those previous versions. No time machine needed 🤗! The

rootkit memory analysis forensic Read More

Memory Analysis Training Samples

ZEUS Zeus, or Zbot, is a notorious banking Trojan first identified in 2007. Designed to steal sensitive data like banking credentials, it uses techniques such as keylogging, man-in-the-browser attacks, and traffic manipulation. Its modular architecture and a leaked source code in 2011 have led to numerous variants. Stuxnet Stuxnet is a computer worm discovered in

Jump List Read More

👨🏾‍💻 Jump List

Les Jump Lists sont des menus contextuels dans Windows qui fournissent des raccourcis vers des fichiers, dossiers et applications récemment ou fréquemment utilisés.

typedpaths Read More

👨🏾‍💻 TypedPaths

Sur Windows, la clé de registre TypedPaths enregistre les 25 derniers chemins d’accès insérés dans la barre de navigation de l’explorateur de fichiers.

shellbag Read More

👨🏾‍💻 Shellbags

Les Shellbags sont des structures de données dans le registre Windows qui permettent d’enregistrer les préférences d’affichage des dossiers.