search

muteb / Hoarder

This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole har drive.
GNU General Public License v3.0
191 stars 19 forks source link

PYWIN32 #3

Closed ben4361 closed 4 years ago

ben4361 commented 4 years ago

Collecting pywin32 (from -r requirement.txt (line 5)) ERROR: Could not find a version that satisfies the requirement pywin32 (from -r requirement.txt (line 5)) (from versions: none) ERROR: No matching distribution found for pywin32 (from -r requirement.txt (line

Can this be used to collect windows artefacts from a Linux host?

AbdulRhmanAlfaifi commented 4 years ago

Hello ben, Unfortunately you can not. We use pywin32 to get the specified partition offset in the physical drive which allows us to copy locked files. However this is a good idea ! we will look into it more

Thank you for the suggestion :)