Tags: volatility registry forensics windows
+ Extract Invalid Login timestamp from the windows registry.
+ Extract the timestamp of when a JPEG was opened.
+ Extract Google Chrome's last run time which was pinned to taskbar from windows registry.
Link to writeup: <https://blog.bi0s.in/2020/08/04/Forensics/InvestigationContd-InCTFi20/>