Inforensics

Windows 10 installation on VirtualBox  To install Windows 10 on VirtualBox first, we need to set up the VirtualBox. This is explained in detail in the Kali Linux OS installation on VirtualBox post (https://in4n6.blogspot.com/2023/08/kali-linux-os-installation-on-virtualbox.html ). now we need to download the iso file of Windows 10 and upload it to the VirtualBox We will do it step by step. Downloading ISO file of Windows 10 search for Windows 10 iso download in any search engine. click on the first link. scroll down you will find a download link under Create Windows 10 installation media Click on it. open the downloaded file. a window will pop up like below click on accept. Select Create Installation media for another PC and click on Next. in the next step select ISO file instead of USB flash drive. click on next. select a path for the ISO image file download. the ISO file will be downloaded.   Windows set up on VirtualBox open the VirtualBox and click on tools. click on the ...

  Forensic Insight into Windows 10 $Recycle.Bin  In Windows 10, the deleted files are temporarily located in  "C:\$Recycle.Bin>",  a sub directory under root directory. The completion of file deletion process yields two separate files placed within the $Recycle.Bin path, as follows: $I – Contains metadata specific to the deleted file (original file name path, file size, deletion timestamp, file name size and, file name). $R – Contains the actual contents of the file. The two files ($I and $R) corresponding to the deleted file are named/suffixed with a random six character value after $I and $R, resulting  into a 8–character file name. The system creates SID based folders corresponding to each user account.   In the SID sub-folder, you will find the SID of the user who deleted the file. Each time a user deletes a file from the Recycle Bin, a sub-folder is created for them. As per the requirement an analyst can analyse the contents inside the SI...