Hidden files using Alternative Data Streams - this is what the cops look for
Hidden files and Alternative Data Streams in Windows - what are the Digital Forensics and Incident Response (DFIR) implications? ♥️ SUBSCRIBE for more vide...
BlueMonkey 4n6
3.1K views • Apr 18, 2024
About this video
Hidden files and Alternative Data Streams in Windows - what are the Digital Forensics and Incident Response (DFIR) implications?
♥️ SUBSCRIBE for more videos: https://www.youtube.com/bluemonkey4n6?sub_confirmation=1
Difficulty Level: Intermediate
Prerequisites: basic understanding of Windows Command Prompt.
Prerequisites: basic understanding of PowerShell.
In this video, we will look at hidden files and folders within Windows and the implications from a Digital Forensics and Incident Response standpoint.
Video timeline
00:00 intro
00:40 What is a hidden file?
01:30 Hidden System Files
02:42 Secret Files - Alternate Data Streams (ADS)
04:13 ADS access with the command prompt (dir /r)
05:36 ADS access with the command prompt (filename:stream_name)
07:46 How do you create Alternate Data Streams?
12:52 ADS access with PowerShell (get-item -stream)
15:04 ADS access with PowerShell (get-content -stream)
15:32 ADS access with PowerShell (set-content -stream)
16:25 ADS access with PowerShell (clear-content -stream)
17:00 ADS access with PowerShell (remove-item -stream)
17:25 ADS access with PowerShell (unblock-file)
18:22 ADS using FTK Imager
⭕️ For other videos about the Windows forensic tools, watch this series: https://www.youtube.com/playlist?list=PLSbhiuoC0XgW4Uljn_PnfM6l2DxqWRkWG
Icons made by freepik from @flaticon http://www.flaticon.com/authors/freepik
Icons made by Smashicons from @flaticon http://www.flaticon.com/authors/smashicons
Video (optical mouse) by Coverr-Free-Footage from Pixabay
Video (hands ) by mephala1980 from Pixabay
Video (wireless keyboard and mouse) by Coverr-Free-Footage from Pixabay
Video (mac keyboard) by Vimeo-Free-Videos from Pixabay
DISCLAIMER: Links in this video description might be affiliate links. If you purchase a product or service using one of these links, I may receive a small commission at no additional cost to you. Thank you!
#DFIR #windowshacks #alternatedatastreams
♥️ SUBSCRIBE for more videos: https://www.youtube.com/bluemonkey4n6?sub_confirmation=1
Difficulty Level: Intermediate
Prerequisites: basic understanding of Windows Command Prompt.
Prerequisites: basic understanding of PowerShell.
In this video, we will look at hidden files and folders within Windows and the implications from a Digital Forensics and Incident Response standpoint.
Video timeline
00:00 intro
00:40 What is a hidden file?
01:30 Hidden System Files
02:42 Secret Files - Alternate Data Streams (ADS)
04:13 ADS access with the command prompt (dir /r)
05:36 ADS access with the command prompt (filename:stream_name)
07:46 How do you create Alternate Data Streams?
12:52 ADS access with PowerShell (get-item -stream)
15:04 ADS access with PowerShell (get-content -stream)
15:32 ADS access with PowerShell (set-content -stream)
16:25 ADS access with PowerShell (clear-content -stream)
17:00 ADS access with PowerShell (remove-item -stream)
17:25 ADS access with PowerShell (unblock-file)
18:22 ADS using FTK Imager
⭕️ For other videos about the Windows forensic tools, watch this series: https://www.youtube.com/playlist?list=PLSbhiuoC0XgW4Uljn_PnfM6l2DxqWRkWG
Icons made by freepik from @flaticon http://www.flaticon.com/authors/freepik
Icons made by Smashicons from @flaticon http://www.flaticon.com/authors/smashicons
Video (optical mouse) by Coverr-Free-Footage from Pixabay
Video (hands ) by mephala1980 from Pixabay
Video (wireless keyboard and mouse) by Coverr-Free-Footage from Pixabay
Video (mac keyboard) by Vimeo-Free-Videos from Pixabay
DISCLAIMER: Links in this video description might be affiliate links. If you purchase a product or service using one of these links, I may receive a small commission at no additional cost to you. Thank you!
#DFIR #windowshacks #alternatedatastreams
Tags and Topics
Browse our collection to discover more content in these categories.
Video Information
Views
3.1K
Likes
76
Duration
20:13
Published
Apr 18, 2024
User Reviews
4.5
(3) Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.