Windows Forensics Artifacts Guide - caitlinmallen/TechWiki GitHub Wiki
A forever growing list of important Windows artifacts!
Windows Event Logs
- Security
- Terminal Services
- System
Windows Registry
- System
- NTUSER
- UsrClass
Others
- Prefetch
- Jump Lists
- Shortcut (LNK) Files