Archive for May, 2015

Hello Reader! This week I was working on updates to the Prefetch File script I began last week. I’m starting to work on parsing out the file information data for the prefetch file. It’s not complete, but there’s enough for now to post for this week. First, let’s talk about the changes. The prefetch_format function […]

Hello Reader! This week I’m going back to parsing Windows artifacts. The first ones I’ve decided to tackle are Prefetch files. For those of you who are not familiar with Prefetch files, you can check out this link for more information. So far all this script does is parse the header information of the Prefetch […]

Hello Reader! This week’s code is a set of updates to some previous YOP scripts I’ve written… First, there was my YOP – Week Seventeen script, which was an index.dat HASH table parser. I wanted to start tackling the Record Hash part of the Hash Table entries. This part of the entry is four bytes in […]

Hello Reader! Today’s post will be short.  The college semester finished this week, so most of my time has been spent grading final exams as well as finishing grading some lab assignments.  However, it wasn’t enough to stop the YOP! My script this week was one I created to help with determining the final grades […]