Difference between revisions of "Summerschool Aachen 2004/Incident Research Lab"
Mario Manno (talk | contribs) m |
|||
| Line 1: | Line 1: | ||
| + | [http://md.hudora.de/presentations/summerschool/2004-10-04/ Slides] | ||
| + | |||
== Notes on Presentations == | == Notes on Presentations == | ||
Revision as of 15:43, 4 October 2004
Notes on Presentations
Notes on Lab Session
Debian packages you might find usefull
You might want to look into the following tools:
- graverobber - grab important data from system
- ddrescue - spiced up dd
- sleuthkit, autopsy - forensic toolkit (includes inode cat, ...)
- fcrackzip - zip password cracker
- nasm - netwide disasembler
- e2undel - undelete for ext2
- ntfstools - undelete for ntfs
- bview - nice hex editor, vim-like
- bsdmainutils (includes hd), or vim (includes xxd)
