Overview
Learn about LMDA (Lateral Movement and Data Access), two innovative Velociraptor artifacts designed to streamline digital forensics and incident response investigations on Windows systems. Discover how these tools aggregate and normalize forensic data from multiple Windows artifacts, including Shellbags, Jumplists, LNK files, browser histories, and registry entries, to provide comprehensive insights into compromised user activities. Explore the LM (Lateral Movement) artifact, which consolidates data from sources like UAL, Shellbags, registry keys, and remote access tools while clearly categorizing inbound and outbound access, with integrated visualization through Jupyter notebooks. Master the DA (Data Access) artifact, which compiles data from various forensic sources into a structured timeline to simplify analysis of data exfiltration activities. Gain practical skills in effectively communicating investigative findings to stakeholders using a provided Excel reporting template that automatically highlights sensitive file access from HR, Legal, and Payroll departments. Understand how these tools address the limitations of traditional Windows Event Logs and reduce the manual, time-consuming processes typically required in DFIR investigations.
Syllabus
BSides Edmonton 2025 Introducing LMDA: Enhancing Lateral... by Kostya Ilioukevitch, Phalgun Kulkarni
Taught by
Confreaks