As a continuation of the "Introduction to Windows Forensics" series, this video introduces the ubiquitous LNK, or "link", file, as well as a lesser-known Windows feature called Jump Lists. Both of these artifacts provide us with numerous items of forensic interest.

We'll first take a look at the basic information you need to know in order to parse these artifacts. Then, we'll take a look inside an LNK file, and use ExifTool and Lnk Explorer to extract items of evidentiary value. Lastly, we'll look at Jump Lists, and use JumpList Explorer to explore the contents of those files.

*** If you enjoy this video, please consider supporting 13Cubed on Patreon. ***

Introduction to Windows Forensics
LNK Files
Forensic Analysis of LNK files
Jump Lists
4n6k Jump List AppID Master List
ExifTool: ~phil/exiftool
Lnk Explorer
JumpList Explorer

*** Additional Tools Referenced in This Video ***

Lnkanalyser
Windows LNK Parsing Utility
Internet Evidence Finder (IEF)
JumpLister
JumpListsView
Windows Jump List Parser











