-
The legacy wiki had no instructions for Bulk Reviewer. Add instructions from Quick Start Guide under Forensics and Reporting: [Scanning Disk Images and Directories with Bulk Reviewer](https://github.c…
-
As a CSIRC analyst I want my Axiom Magnet workstation to be able to acquire the right credentials so that I can carry out a forensic capture of Azure VMs in the EC Azure IaaS/PaaS tenant.
- Change it…
-
Bytes should store the following (additional) information per job:
- The hash of the code/image used to run the boefje
- Docker image --> Is also OCI image
- Zip of local dir
- OC…
-
Are there any memory forensics tools built into GRR? Most online resources point to Rekall, but according to #448, Rekall support has been deprecated.
-
```
This is the successor of log2timeline.
Home page is here: http://plaso.kiddaland.net
There's a lot of dependencies (thanks to the great work of Joachim Metz).
Attached here all ebuilds needed.
`…
-
Why does MultibootUSB install "slitaz.bs" as bootloader on GRML-forensic?
MENU LABEL grml64-forensic_2017.09-1
BOOT /multibootusb/grml64-forensic_2017.09-1/boot/isolinux/slitaz.bs
#end grml64-for…
-
**Context:** Running _selfie_.
**Environment:** Postmortem analysis using the _dso-bootcamp-forensics_ account.
**Use Case:** Making forensic instance image snapshots using _selfie_.
**Problem:** T…
-
-
-
From http://forum.sleuthkit.org/viewtopic.php?f=7&t=43:
Can TSK/Autopsy include capabilities to do video and photo forensics? Maybe leverage the Gimp platform by having a plugin?
Something like the …