Automated tool that collects volatile data from Windows, OSX, and *nix-based operating systems
Zipped Python script that attempts to identify items of interest from a Sysinternals autoruns.csv file
Zipped Perl script that attempts to parse message data from Windows Live Messenger files on iOS devices
Zipped Perl script that attempts to analyze Prefetch files for possible indicators of compromise
This is the section that has had, by far, the most work done to it. On top of the code rewrite, which makes the scripting more "proper" and also much, much faster, new logic was added to deal with things like system inte ...
© 2020 Copyright 2020 | DFIR Training