MCSI Certified DFIR Specialist
https://www.mosse-institute.com/certifications/mdfir-certified-dfir-specialist.html

MCSI Digital Forensics Library
https://library.mosse-institute.com/cyber-domains/digital-forensics.html

️‍️ Get the Most out of the Windows Registry in your Digital Forensic Investigations ️‍️
https://library.mosse-institute.com/articles/2022/05/get-the-most-out-of-the-windows-registry-in-your-digital-forensic-investigations/get-the-most-out-of-the-windows-registry-in-your-digital-forensic-investigations.html

Windows Shellbags in Digital Forensics
https://library.mosse-institute.com/articles/2022/05/windows-shellbags-in-digital-forensics/windows-shellbags-in-digital-forensics.html


Volatility is a memory forensics tool that is used to analyze and extract information from a computer’s RAM. It can be used to analyze malicious code, malware infections, system crashes, and other security-related issues.

Windows registry artefacts can be used in a digital forensics investigation to help identify the software that is running on a system, as well as to look for evidence of malicious activity. Registry keys, values, and entries can be used to determine what programs were installed, when they were installed, and when they were last used. This information can be used to identify suspicious activity, or to determine if a system has been compromised. Additionally, registry keys can contain information on user accounts, system settings, and system activity, which can be used to further a digital forensics investigation.