Windows Forensics 1

The Windows Registry is a collection of databases that contains the system's configuration data. This configuration data can be about the hardware, the software, or the user's information. It also includes data about the recently used files, programs used, or devices connected to the system. As you can understand, this data is beneficial from a forensics standpoint. Throughout this room, we will learn ways to read this data to identify the required information about the system. You can view the registry using regedit.exe, a built-in Windows utility to view and edit the registry. We'll explore other tools to learn about the registry in the upcoming tasks.

https://tryhackme.com/room/windowsforensics1

Event Information

Event Date OnDemand
Event End Date 12-31-2099
Location Online (OnDemand)
Categories Try Hack Me, Free Training, Online (OnDemand)