Difference between revisions of "Summerschool Aachen 2004/Incident Research Lab"
Mario Manno (talk | contribs) (tools) |
Mario Manno (talk | contribs) m |
Line 3: | Line 3: | ||
== Notes on Lab Session == | == Notes on Lab Session == | ||
− | + | === Debian packages you might find usefull === | |
You might want to look into the following tools: | You might want to look into the following tools: | ||
* graverobber - grab important data from system | * graverobber - grab important data from system |
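Review bot: The heading added on the + line misspells "useful" as "usefull"; suggest "=== Debian packages you might find useful ===". The heading is immediately followed by the unchanged sentence "You might want to look into the following tools:", so the two now introduce the same list, and that sentence could be dropped or merged into the heading.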
Revision as of 15:33, 4 October 2004
Notes on Presentations
Notes on Lab Session
Debian packages you might find useful
You might want to look into the following tools:
- graverobber - grab important data from system
- ddrescue - spiced up dd
- sleuthkit, autopsy - forensic toolkit (includes inode cat, ...)
- fcrackzip - zip password cracker
- nasm - netwide disassembler
- e2undel - undelete for ext2
- ntfstools - undelete for ntfs
- bview - nice hex editor, vim-like
- bsdmainutils (includes hd), or vim (includes xxd)