One attack mode on information security is to use a BadUSB device that is connected to the target computer, using this technique various information such as memory dump activities to get the password and embed the reverse shell can be done in a matter of seconds on Microsoft Windows 7 operating system. This paper is an introduction to how computer forensic investigations can be carried out on computers to bring cyber criminals to court. Although the computer forensic technique discussed in this paper looks simple, but in fact this activity requires the precision and patience of the investigator.

Keywords : Human Interface Device, BadUSB, ATMEGA32U4, and Registry.

https://www.youtube.com/watch?v=EfkC7kmIMt8

https://www.youtube.com/watch?v=OEG9tW0m0Xw

https://www.youtube.com/watch?v=y9pg5vO5KYY

Universal Serial Bus (USB), Device Class Definition for Human Interface Devices (HID), Firmware Specification—6/27/01, Version 1.11

https://www.youtube.com/watch?v=F7NlCaaL3yU&t=7s

https://github.com/whid-injector/WHID

https://helgeklein.com/blog/2010/06/registry-tricks/