SANS recently published a good summary of Windows memory forensics acquisition and analysis tools. It’s a good compilation
Archive for the 'Tools' Category
Windows Memory Forensics Tools
«
23 December 2008 |
21:32 |
Forensics, Resources, Tools |
1 Comment | 464 Views
»
new linux incident response script
«
18 October 2008 |
12:53 |
Forensics, Tools |
1 Comment | 408 Views
»
We updated the ForensiX Linux Incident Response Script. You can find the new version at
We updated the ForensiX Linux Incident Response Script. You can find the new version at
The Sleuthkit 2.10
«
13 December 2007 |
9:37 |
Forensics, Tools |
1 Comment | 940 Views
»
A new version of The sleuthkit (TSK) is out now. There are some minor bug fixes included. Changelog
A new version of The sleuthkit (TSK) is out now. There are some minor bug fixes included. Changelog
New Forensics Live Response CD published
«
21 June 2007 |
14:49 |
Forensics, Live Response, Tools |
1 Comment | 1,723 Views
»
I’m proud to announce, that my team published yesterday a very cool Live Response CD for Linux and Windows in cooperation with the german journal iX. It contains a brand new Linux Live Response script and a build script for your own static binaries. This Live Response Script contains also an
I’m proud to announce, that my team published yesterday a very cool Live Response CD for Linux and Windows in cooperation with the german journal iX. It contains a brand new Linux Live Response script and a build script for your own static binaries. This Live Response Script contains also an
Booting EnCase Images
«
2 May 2007 |
19:48 |
Forensics, Live Response, Tools |
No Comments | 2,064 Views
»
GetData now bundles their forensics tool MountImage Pro v2 with Virtual Forensic Computing (VFC) from MD5 Ltd. You can now mount a forensic image
GetData now bundles their forensics tool MountImage Pro v2 with Virtual Forensic Computing (VFC) from MD5 Ltd. You can now mount a forensic image
Sector Inspector (SecInspect.exe)
«
9 April 2007 |
13:52 |
Forensics, Tools |
No Comments | 1,753 Views
»
Microsoft published a tool called Sector Inspector (SecInspect.exe) with the Windows 2003 Server Resource Kit. This is a command-line diagnostics tool that allows administrators to view the contents of master boot records, boot sectors, and IA64 GUID partition tables. Additional features
Microsoft published a tool called Sector Inspector (SecInspect.exe) with the Windows 2003 Server Resource Kit. This is a command-line diagnostics tool that allows administrators to view the contents of master boot records, boot sectors, and IA64 GUID partition tables. Additional features
The Sleuthkit 2.08
«
6 April 2007 |
13:34 |
Forensics, Tools |
No Comments | 1,567 Views
»
The Sleuthkit (TSK) 2.08 is out now. The new version contains
The Sleuthkit (TSK) 2.08 is out now. The new version contains
DFRWS 2007 File Carving Challenge
«
20 February 2007 |
7:44 |
Forensics, Tools |
No Comments | 1,593 Views
»
The new DFRWS File Carving Challenge for the year 2007 has been released. The say: “The goal of this challenge is to design and develop AUTOMATED file carving algorithms that have high true positive and low false positive rates.”
The new DFRWS File Carving Challenge for the year 2007 has been released. The say: “The goal of this challenge is to design and develop AUTOMATED file carving algorithms that have high true positive and low false positive rates.”
