Hello Reader,
This was another test kitchen were we mainly got some python code to work and in the end were able to print all of the file name's out of the file name attributes for every file referenced in the Syscache hive Object key. This isn't done though as next week I need to add in the sequence numbers to the checks to make sure I'm looking at the right file.
So next week we will be able to start making some observations about what exactly Syscache is actually tracking.
You can watch me use Eric Zimmerman's new Syscache plugin and write python code to parse the filename attribute here:
This was another test kitchen were we mainly got some python code to work and in the end were able to print all of the file name's out of the file name attributes for every file referenced in the Syscache hive Object key. This isn't done though as next week I need to add in the sequence numbers to the checks to make sure I'm looking at the right file.
So next week we will be able to start making some observations about what exactly Syscache is actually tracking.
You can watch me use Eric Zimmerman's new Syscache plugin and write python code to parse the filename attribute here:
Also Read: Seeing Double (Access Dates)
Post a Comment