Skip to content
  • Home
  • DFIR Blog
    • Cloud Artifacts
    • Web Browser Artifacts
    • Operating System Artifacts
    • Guides and Tutorials
    • Personal Views and Thoughts
  • Contact Us
Atropos4n6
  • Home
  • DFIR Blog
    • Cloud Artifacts
    • Web Browser Artifacts
    • Operating System Artifacts
    • Guides and Tutorials
    • Personal Views and Thoughts
  • Contact Us
Atropos4n6
python programming

How to use Partition%4DiagnosticParser

  • Guides and Tutorials

In this post, Dimitrios presents how someone can use his Partition%4DiagnosticParser, in order to automatically extract all the available VSNs that reside in "Microsoft-Windows-Partition%4Diagnostic.evtx".

  • December, 2020
Read MoreHow to use Partition%4DiagnosticParser

Are you sure you extract all the available Volume Serial Numbers (VSNs) that reside in the Windows 10 Event Log “Microsoft-Windows-Partition%4Diagnostic.evtx”?

  • Operating System Artifacts, Windows

This time we shall see, how we can utilize windows' event logs in order to locate the VSN of a desired removable device and determine if it changes and when.

  • December, 2020
Read MoreAre you sure you extract all the available Volume Serial Numbers (VSNs) that reside in the Windows 10 Event Log “Microsoft-Windows-Partition%4Diagnostic.evtx”?

Has the user logged into this account, or not? (Google Chrome’s Web Data-Part 2)

  • Other, Web Browser Artifacts, Windows

This time I searched for artifacts that can help us determine if and when a user has logged in to her Google Account, using Google Chrome browser. Check this out.

  • September, 2020
Read MoreHas the user logged into this account, or not? (Google Chrome’s Web Data-Part 2)

Has the user logged into this account, or not? (Google Chrome’s Login Data-Part 1)

  • Web Browser Artifacts, Windows

Has the user logged in, or not? How sure can we be, when we examine Google Chrome and we want to answer this question? Dive in to find out.

  • September, 2020
Read MoreHas the user logged into this account, or not? (Google Chrome’s Login Data-Part 1)

Artifacts of Dropbox Usage on Windows 10 (Part 2)

  • Cloud Artifacts, Windows

Second part of Dropbox forensics and in this post we will see what artifacts remain after using Mozilla Firefox and Google Chrome to access this cloud service.

  • September, 2020
Read MoreArtifacts of Dropbox Usage on Windows 10 (Part 2)

Artifacts of Dropbox Usage on Windows 10 (Part 1)

  • Cloud Artifacts, Windows

This post is all about Dropbox and the artifacts it may leave in a Windows 10 machine.

  • September, 2020
Read MoreArtifacts of Dropbox Usage on Windows 10 (Part 1)

Artifacts of Google Drive Usage on Windows 10 (Part 2)

  • Cloud Artifacts, Windows

In this post we will dive into the artifacts that remain on a Windows 10 machine after using Google Drive via Mozilla Firefox and Google Chrome

  • September, 2020
Read MoreArtifacts of Google Drive Usage on Windows 10 (Part 2)

Artifacts of Google Drive Usage on Windows 10 (Part 1)

  • Cloud Artifacts

My first post on this blog is about a favorite DFIR topic, Cloud Forensics. This research was made to explore Google Drive's native app and its artifacts on a Windows 10 machine.

  • August, 2020
Read MoreArtifacts of Google Drive Usage on Windows 10 (Part 1)
  • Home
  • DFIR Blog
  • Contact Us

Copyright © 2025