creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 13:44:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
992dae80cf39edba8f90111d8ea072a38162467c
Anthropic-Cybersecurity-Skills/skills/analyzing-windows-shellbag-artifacts/references/workflows.md
T

342 B
Raw Blame History

Workflows - Shellbag Analysis

Workflow 1: Folder Access Investigation

Extract NTUSER.DAT and UsrClass.dat from evidence
    |
Parse with SBECmd to CSV
    |
Open in Timeline Explorer
    |
Filter by path patterns (USB drives, network shares)
    |
Correlate with MFT and LNK file timestamps
    |
Document folder access timeline
Reference in New Issue View Git Blame Copy Permalink