Authors: Visoottiviseth V.; Noonkhan A.; Phonpanit R.; Wanichayagosol P.; Jitpukdebodin S.
Affiliation: Mahidol University
Dates: 2024-02-09; 2024-02-09; 2023-01-01
Published in: 27th International Computer Science and Engineering Conference 2023, ICSEC 2023 (2023), 74-78
URL: https://repository.li.mahidol.ac.th/handle/20.500.14594/96340

Abstract: When a cyber incident occurs, digital forensics is essential for investigating how hackers compromised the system or how malware functioned. In this paper, we focus on Windows forensics, which is one important branch of digital forensics. Windows forensics can be performed using existing investigation tools, but these are expensive and require training before use, while the current number of well-trained staff in the cybersecurity field is limited. Moreover, in the evidence analysis step, Windows forensic investigators need to manually extract certain files such as the Windows registry and Windows event logs, which is a repetitive and time-consuming task. Therefore, we propose AXREL, an automated Windows evidence extraction application that assists new Windows forensic investigators by providing a user-friendly GUI. Our application is developed in Python 3 on the Windows platform. It can automatically extract the Windows registry and event logs, which are the primary sources of evidence for Windows forensics.

Subjects: Mathematics; Energy; Computer Science; Decision Sciences
Title: AXREL: Automated Extracting Registry and Event Logs for Windows Forensics
Type: Conference Paper
Source: SCOPUS
DOI: 10.1109/ICSEC59635.2023.10329743
Scopus ID: 2-s2.0-85180152126