Getting Started with Windows Prefetch
Key Takeaways
Explains Windows Prefetch and its use in forensic examination
Original Description
https://www.tcm.rocks/certs-y - New forensics coursework (and possible cert) coming later this year! Until then, check out our existing blue team certifications, like the PSAA (Practical SOC Analyst Associate) and PSAP (Practical SOC Analyst Professional).
What is Windows Prefetch? And why does Windows use it? Most importantly, how can we use it to our advantage as forensic examiners? It turns out, Windows Prefetch can provide some solid evidence of program execution. You can learn a surprising amount from it - even without using any forensic tools.
Andrew Prince walks you through all of these things in a little over 15 minutes in today's video.
What do you want to see Andrew explain next? Share your picks in the comments! ⬇️
00:00 - Introduction
00:44 - What is Windows Prefetch?
02:43 - Prefetch Configuration
05:40 - Prefetch Files
08:58 - Parsing Prefetch Files
11:49 - Hunting Anti-Forensics
13:14 - Scaling Prefetch Analysis
16:05 - Conclusion