Комментарии:
Clear, concise, and easy to grasp. If you aren't a teacher by profession, you should be. Subbed. 👍
Would love to see you do a video picking apart Windows 10 OEM Telemetry structures.
great video you rock!
ОтветитьGold
ОтветитьMACB timestamps for executables of target files aren't included when lnk files are parsed by the tool and output saved to csv file, it would add more valuable artifacts. Thank you for your efforts, the videos are really incredible.
Ответитьthank you!!!
ОтветитьGood, factual, easy to understand and practical!
ОтветитьVery helpful and informative.
Ответить26 minutes and I learn more here then I do in a 3 hour lecture... You're a great teacher, thank you
ОтветитьWhat did you mean when you mentioned "*lnk" in ftk imager? Can you do wildcard searches within Imager?
ОтветитьHey it would be really helpful if you can give quick guidance on SIDS role along access token ... ex ... which sid is used by domain admin and how do we detect other user information. All of above video's are extremely helpful and very well explained. Thank you .. please if you can provide your email address will be really helpful to contact you...
ОтветитьExcellent presentation. Well organized and informative. Thank you so much.
ОтветитьI really appreciate you making these videos. Every time I watch your videos I find out about tools I didn't know about.
Ответить