forensic tools(23)
-
Hunt-SMB share enumerator and admin finder
HuntSMB share enumerator and admin finder command not updated http://www.foundstone.com version 2.0 직접 다운로드
-
Running FTK Imager from a Thumb drive or CD
Running FTK Imager from a Thumb drive or CD At times you may be required to image a system that cannot be powered down for the acquisition. This might be a server running vital applications or a workstation from which you need certain files for preliminary investigation. You can run FTK Imager from a thumb drive or a CD to create a disk image or to image certain folders of a live system. You can..
-
USBDeview
USBDeview USB 정보를 분석할 수 있는 도구 http://www.nirsoft.net/utils/usb_devices_view.html 다운로드하기 페이지 하단부분에서 Download 링크 클릭 직접다운로드
-
Mitec Windows Registry Recovery
Mitec Windows Registry Recovery Portable http://www.mitec.cz/wrr.html 실행화면 직접다운로드
-
ZeroAccess, Volatility, and Kernel Timers
ZeroAccess, Volatility, and Kernel Timers http://mnin.blogspot.kr/2011/10/zeroaccess-volatility-and-kernel-timers.html As today is Volatility Friday, we'll discuss how to hunt ZeroAccess in memory by following the lead of several others and then writing our own custom plugin. I first want to recognize the work done on this topic by Frank Boldewin, Giuseppe Bonfa, and Marco Giuliani. They are the..
-
Runscanner - 실행
실행하기 exe파일 실행 OK 실행화면!!! Scan computer 버튼 클릭 분석결과