Difference between revisions of "Summerschool Aachen 2004/Incident Research Lab"

From C4 Wiki

Revision as of 15:33, 4 October 2004

Notes on Presentations

Notes on Lab Session

Debian packages you might find useful

You might want to look into the following tools:

  • graverobber - grab important data from system
  • ddrescue - spiced up dd
  • sleuthkit, autopsy - forensic toolkit (includes inode cat, ...)
  • fcrackzip - zip password cracker
  • nasm - netwide disassembler
  • e2undel - undelete for ext2
  • ntfstools - undelete for ntfs
  • bview - nice hex editor, vim-like
  • bsdmainutils (includes hd), or vim (includes xxd)