OS Forensics
- Tags
- security
Variant of digital forensics targeting evidence stored on operating systems.
Common evidence found on operating systems ([see page 3, windows] and [see page 4, linux]) includes:
- Documents, Images, Videos, etc.
- Emails
- Browser/Search history
- Security Event Logs (syslogs and
C:\\Windows\\System\\winevt\\logs) - Recycle Bin
Common points of interest in OS forensics includes:
- Left over data in Slack Space.
- Page Files.