Wednesday, February 18, 2015

Dig Out Evidences Through Control Panel Forensics

Windows Operating System Control Panel is implemented as a series of applets and each of these applets is represented by .cpl file. These applets are usually stored in %system root%\System32 folder and can be opened through system binary ‘control.exe’ a control panel application. There are various ways available to access it and each of these methods can destine you with different artifacts which are also stored in varied places depending on the version of Windows.

Friday, February 6, 2015

An Introduction To Virtual Machine Forensics

The virtual machine is a software application using which one can create separate OS environments. Each environment limits the use of its hardware and software resources. In an ideal case, an individual virtual machine behaves as an independent system possessing its personal operating system and hardware. The control over each environment is provided to the user independently.