Automated tool that collects volatile data from Windows, OSX, and *nix based operating systems
"Crowd Response is a lightweight Windows console application designed to aid in the gathering of system information for incident response and security engagements. The application contains numerous modules, each of them in ...
"This tool collects different artefacts on live Windows and records the results in csv files. With the analysis of these artefacts, an early compromise can be detected." - github.com/SekoiaLab/Fastir_Collector
"Acquire volatile data (Internet history, screen capture, memory...) from a system onto a USB thumb drive with Live Response. Built on H3E technology, Live Response quickly acquires data using e-fense patent-pending technolo ...
AChoir is a Windows Live Response / Forensic artifact collection tool. AChoir has its own scripting language designed specifically for Live Response. It can run locally or remotely, interactively and/or fully (or partially) scripted.
See AChRe ...
All-in-one evidence collector for Incident Response
This is the section that has had, by far, the most work done to it. On top of the code rewrite, which makes the scripting more "proper" and also much, much faster, new logic was added to deal with things like system inte ...
© 2019 Copyright | DFIR Training