PFP-List reference

(Korean, English)

We will continue to upload PFP intoduction and supplementary materials for good using and learning each items of PFP-List.

Tech-Group Category AnalysisPoint
PFP Introduction - -
PFP Modules(Tools) - -
First Response Live System Forensics(win) Volatile Data Acquisition
Physical Memory Acquisition
Non Volatile-Selective Acquisition
Disk imaging Disk Imaging Software
Disk Imaging Hardware
Windows System Analysis Artifact Analysis FileSystem artifact
Web artifact
Event log
Prefetch and Superfetch
Jump lists
Restore point
Windows System logs
System Temp
Windows search DB
Registry Analysis Registry Hive
System information, registry
Application History or Recent, registry
User Information, registry
System Recent, registry
Bundle related, registry
Search List , registry
External Storage, registry
Autoruns, registry
Memory Analysis Volatility Framework