Detecting Tor Browser on a Machine

Aim of the experiment

To detect the presence of the Tor Browser on a machine by examining prefetch files and related system artifacts, enabling early identification of potential security risks and ensuring adherence to organizational cybersecurity policies.

Identifying the use of Tor Browser is crucial in environments where secure data handling and monitoring of anonymous communications are critical. This aids in:

  • Preventing data breaches and unauthorized data exfiltration.

  • Detecting insider threats or suspicious user activity.

  • Enforcing IT security policies in corporate or institutional networks.

  • Assisting digital forensic investigators in tracing anonymized browsing behavior.
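A first-pass triage of prefetch file names, as the aim describes, can be sketched as follows. This is an added example, not code from the original experiment. The executable-name prefixes and the sample listing are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Prefetch files are named <EXECUTABLE>-<8 hex digit path hash>.pf
PF_NAME = re.compile(r"^(?P<exe>.+)-(?P<hash>[0-9A-F]{8})\.pf$", re.IGNORECASE)

# Assumed name prefixes for the Tor daemon and Tor Browser installers
# (not taken from the page); adjust to the builds seen in your environment.
STRONG = ("TOR.EXE", "TORBROWSER-INSTALL", "TOR-BROWSER-WINDOWS")
# Tor Browser's browser binary is firefox.exe, so this name alone is ambiguous.
AMBIGUOUS = ("FIREFOX.EXE",)

# Constructed sample listing of a Prefetch directory (not real evidence).
SAMPLE = [
    "CHROME.EXE-5FE9909D.pf",
    "FIREFOX.EXE-A1B2C3D4.pf",
    "FIREFOX.EXE-0F9E8D7C.pf",
    "TOR.EXE-1A2B3C4D.pf",
    "TORBROWSER-INSTALL-WIN64-12.0-9C8B7A6D.pf",
    "Layout.ini",
]

def triage_prefetch(names):
    """Split prefetch file names into strong and weak Tor Browser indicators."""
    hashes = defaultdict(set)
    for name in names:
        m = PF_NAME.match(name.strip())
        if m:  # skips non-prefetch entries such as Layout.ini
            hashes[m["exe"].upper()].add(m["hash"].upper())
    strong = sorted(e for e in hashes if e.startswith(STRONG))
    # The hash is derived from the executable's path, so several hashes for
    # one name mean it ran from several locations. An ambiguous name is only
    # reported when that happens or when a strong indicator is also present.
    weak = sorted(e for e in hashes
                  if e in AMBIGUOUS and (strong or len(hashes[e]) > 1))
    return {"strong": strong, "weak": weak,
            "hashes": {e: sorted(h) for e, h in hashes.items()}}

if __name__ == "__main__":
    # On a live Windows host the input would be os.listdir(r"C:\Windows\Prefetch").
    result = triage_prefetch(SAMPLE)
    print("Strong indicators:", result["strong"])
    print("Needs review:", result["weak"])
```

A hit here shows that an executable with a matching name was run, not who ran it or what was browsed, so it should be corroborated with the related system artifacts.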