fls to get borntimes - Githubissues

bodik / defender

notes on applied computer security

https://bodik.github.io/defender

11 stars 9 forks source link

fls to get borntimes #9

Closed bodik closed 5 years ago

bodik commented 5 years ago

root@analysis-miner1:/data# fls -r -m / /dev/mapper/nbd0p2 > fls-timeline.txt
root@analysis-miner1:/data# mactime -y -d -b fls-timeline.txt > fls-timeline-mactimes.txt

bodik commented 5 years ago

resolved