DFIR-ORC / dfir-orc

Forensics artefact collection tool for systems running Microsoft Windows
https://dfir-orc.github.io
GNU Lesser General Public License v2.1

Zircolite Integration #54

Closed ZikyHD closed 2 years ago

ZikyHD commented 2 years ago

I am trying to integrate Zircolite in the DFIR Orc configuration. However, there seems to be a problem when the main executable tries to use the evtx_dump binary.

[Screenshot: zircolite_exec]

Config:

[Screenshot: dfir_orc_config]

Indeed, the extracted binary (indicated in input argument and added in tools folder) doesn't seem to be executable and the execution comes back with errors.

[Screenshot: evtx_dump]

fabienfl-orc commented 2 years ago

Hello, fix should be merged in upcoming 10.0.22

fabienfl-orc commented 2 years ago

Will be fixed also on upcoming 10.1.0-rc8

ZikyHD commented 2 years ago

> Hello, fix should be merged in upcoming 10.0.22

Just tested and it's now ok. Thanks 😉