Analyzing Windows Amcache Artifacts
Extract execution evidence from Amcache.hve including application paths, SHA-1 hashes, timestamps, and publisher metadata for DFIR investigations.
analyzing-windows-amcache-artifacts
Parse and analyze Windows Amcache.hve registry hive to extract program execution evidence, file metadata, SHA-1 hashes, and device connection history for digital forensics and incident response investigations.
Safety Notice
This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.
Copy this and send it to your AI assistant to learn
Install skill "analyzing-windows-amcache-artifacts" with this command: npx skills add mukul975/anthropic-cybersecurity-skills/mukul975-anthropic-cybersecurity-skills-analyzing-windows-amcache-artifacts
Source Transparency
This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
Related Skills
Related by shared tags or category signals.
analyzing-cyber-kill-chain
No summary provided by upstream source.
Repository SourceNeeds Review
analyzing-network-traffic-with-wireshark
No summary provided by upstream source.
Repository SourceNeeds Review
analyzing-certificate-transparency-for-phishing
No summary provided by upstream source.
Repository SourceNeeds Review
analyzing-android-malware-with-apktool
No summary provided by upstream source.
Repository SourceNeeds Review