Computer Forensics. NETinfo 2008-10-10. NETinfo 2008-10-10.
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud.
Det underlättar om man vet vad man letar efter
The Windows Forensic Toolchest™ (WFT) is designed to provide a structured and repeatable automated Live Forensic Response, Incident Response, or Audit on a Windows system while collecting security-relevant information from the system.
WFT is essentially a forensically enhanced batch processing shell capable of running other security tools and producing HTML based reports in a forensically sound manner.
Generation Of Both Raw Text And HTML Reports
User-Editable Config File Controls Execution
Ability To Run Locally, Via CD/DVD, Or Thumb Drive
Macros Which Expand Dynamically Based On Run-Time Values
Detailed Run-Time Logging
Verification Of All Executed Tools
Detailed Hashing Of Output
Support For MD5 Hash
Support For SHA1 Hash
Ability To Verify WFT Config Files
Automatic Updating Of WFT Hash Values For Tools
WFT\'s Interactive Mode Provides Command-Line Alternative
Ability To Run SysInternals Tools Without ‘-accepteula’
Color Output Highlights Important Info
Automatic OS & Drive Detection
Ability To Run Commands Based On Run-Time OS
Ability To Fetch 3rd-Party Tools