bars
π
Windows Forensic Handbook
search
circle-xmark
Ctrl
k
copy
Copy
chevron-down
Artifacts by Activity
chevron-right
π
Network Activity
Evidence of Network Activity
Tracing Registry Keys
chevron-right
EventID 1024: RDP ClientActiveX is trying to connect to the server
chevron-right
EventID 21: Session logon succeeded
chevron-right
EventID 24: Session has been disconnected
chevron-right
EventID 1149: User Authentication Succeeded
chevron-right
Last updated
2 years ago
sun-bright
desktop
moon
sun-bright
desktop
moon