mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-11 05:34:55 +03:00
342 B
Workflows - Shellbag Analysis
Workflow 1: Folder Access Investigation
Extract NTUSER.DAT and UsrClass.dat from evidence
|
Parse with SBECmd to CSV
|
Open in Timeline Explorer
|
Filter by path patterns (USB drives, network shares)
|
Correlate with MFT and LNK file timestamps
|
Document folder access timeline
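
The filter and timeline steps of Workflow 1, as an added Python example (not part of the original repository). It assumes the SBECmd CSV exposes AbsolutePath and LastWriteTime columns with "yyyy-MM-dd HH:mm:ss" timestamps; the sample rows and all function names are constructed for illustration.

```python
import csv
import io
import re
from datetime import datetime

# Constructed sample rows. Column names and path layout are assumptions about
# SBECmd's CSV output; check them against the header of your own export.
SAMPLE_CSV = r"""AbsolutePath,ShellType,LastWriteTime,FirstInteracted,LastInteracted
Desktop\My Computer\C:\Users\alice\Documents,Directory,2024-03-01 09:12:44,,
Desktop\My Computer\E:\Projects\Q1-finance,Directory,2024-03-04 17:45:10,,
Desktop\\\fileserver01\hr$\Payroll,Directory,2024-03-03 11:02:31,,
Desktop\My Computer\E:,Drive letter,2024-03-04 17:40:02,,
Desktop\My Computer\C:\Windows\Temp,Directory,,,
"""

DRIVE_RE = re.compile(r"(?<![A-Za-z])([A-Za-z]):(?=\\|$)")  # "E:" path segment
UNC_RE = re.compile(r"\\\\([^\\]+)\\([^\\]+)")              # \\server\share
TS_FORMAT = "%Y-%m-%d %H:%M:%S"                             # assumed layout


def classify(path, fixed_drives=("C",)):
    """Label a shellbag path as a network share or a non-system drive."""
    if UNC_RE.search(path):
        return "network-share"
    m = DRIVE_RE.search(path)
    if m and m.group(1).upper() not in fixed_drives:
        # Candidate removable media only: a drive letter alone does not prove
        # USB. Confirm with the MFT and LNK correlation step of the workflow.
        return "non-system-drive"
    return None


def parse_ts(value):
    """Parse a timestamp, tolerating empty cells and fractional seconds."""
    value = (value or "").strip()
    return datetime.strptime(value[:19], TS_FORMAT) if value else None


def build_timeline(csv_text):
    """Return flagged rows ordered by LastWriteTime (undated rows last)."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        kind = classify(row["AbsolutePath"])
        if kind:
            hits.append({"when": parse_ts(row.get("LastWriteTime")),
                         "kind": kind, "path": row["AbsolutePath"]})
    hits.sort(key=lambda h: (h["when"] is None, h["when"] or datetime.min))
    return hits


if __name__ == "__main__":
    for h in build_timeline(SAMPLE_CSV):
        print(h["when"], h["kind"], h["path"], sep=" | ")
```

Pass additional letters in `fixed_drives` when the evidence image has more than one internal volume, so that secondary fixed disks are not flagged.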