Forensic Acquisition and Triage

Introduction to Forensics Acquisition and TriageAcquiring Memory Image From Windows and LinuxCustom Image Using FTK and Mounting Image for AnalysisKAPE Targets for AcquisitionKAPE Modules for Triage and AnalysisTriage Using FireEye RedlineAcquisition and Triage of Disks Using Autopsy
PreviousDetecting Privilege Escalation with SysmonNextIntroduction to Forensics Acquisition and Triage