
Forensics of Windows Systems

I was reading a Microsoft employee's blog where that person mentions a "Windows Online Forensics" incident response toolkit. I thought maybe Microsoft had released some new tools that I wasn't aware of yet. So I did an Internet search on the phrase and found a very useful whitepaper and set of tools, which I think is what he was referring to.
The whitepaper, "Online Forensics of Win/32 System," explains how to gather data and what tools to use, and also provides a link to a zip file that contains all of the tools mentioned in the whitepaper. So if you're looking for a guide to collecting forensic evidence, then check it out.
