The Windows Search Indexer service does not just provide a fast way to locate and access a misplaced file, this service’s database holds tremendous forensic value for host investigations.
With the recent introduction of efficient parsing tools, analysts can gain access to these gems from the Indexer database: directory/file metadata, content file summaries and user browser/activity logs.
Join Alissa Torres in this free one-hour Antisyphon Anti-Cast to learn how the Windows Search Index can augment your investigations. Fall in love with this under-rated artifact.
Chat with your fellow attendees in the Antisyphon Discord server:
https://discord.gg/antisyphon
in the #🍿anticasts-chat channel
Stay up to date on our upcoming live Anti-Casts and more at https://poweredbybhis.com