OLE structured storage, Registry as log file, 124
for case notes, 281
OpenSaveMRU key, user hives, 150–151
OpenSavePidMRU key, user hives, 150–151
Open-source tools (general)See also specific tools
analysis system set-up, 24
convergence, 19–20
pre-infection intelligence collection, 173–174
suggested reading, 24
timeline creation, 225–226
Operational logs
characteristics, 91
WLAN-AutoConfig example, 92f
Oracle, VirtualBox, 61
Order of volatility, definition, 11
OSession.evt, timeline creation on XP, 233–234
P
P2P, See Peer-to-peer (P2P) file sharing
PaaS, See Platform-as-a-service (PaaS)
Packed, malware detection, 193–195
Packed files
malware detection, 193–195
PEiD example, 193–194
Packet sniffers, incident response data ...
Get Windows Forensic Analysis Toolkit, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
