# KAPE Triage

KAPE (Kroll Artifact Parser and Extractor) is a tool used in digital forensics for quickly collecting and processing data from target systems.

Files often being extracted:

1. Event logs
2. Registry
3. MFT UsnJrnl
4. Win10 Timeline
5. SRUM
6. BAM/DAM
7. Prefetch
8. Jumplist
9. Browser history

Please refer: <https://fareedfauzi.github.io/2023/12/22/Windows-Forensics-checklist-cheatsheet.html#triage-artifacts-parsing-and-analysis>