Archive for June, 2015

Hello Reader! This weeks script is a continuation of the week twenty three script that’s parsing the LNK file header.  It’s a short one this week, but we’re working on the ShowCommand portion of the header at file offset 60.  The Microsoft documentation describes this portion as: “A 32-bit unsigned integer that specifies the expected […]


Hello reader! Today we come to part three of our Windows LNK File Header parsing script, which began with the YOP – Week 23 script. For this weeks snippet, we’re looking at a function to parse out the attributes of the target file that the lnk file points to, and again we’ll be making use […]


Hello Reader! This week we’re going to continue working on our LNK File Parser script.  We have two things we’ll be adding this week to how we are parsing the header portion of a LNK file.  If you look at last weeks post, there were some sections that we were just printing out the data […]


Hello Reader! Unfortunately this weeks post will be short.  I haven’t had a lot of time to work on my code this week.  There have been some “real life” issues that have been tying up my free time. But what I have been working on is starting to parse out the header for Windows Shortcut […]


Hello Reader! So my original thought for this week’s script was to start parsing Windows LNK files.  I needed some time with the Prefetch script to put together a Windows 8 image to finish testing it with (I have a VM somewhere just need to find it…which shows you how much I’ve used it).  I […]