Regimented Potential Incident Examination Report

From ForensicsWiki
Revision as of 18:19, 6 May 2007 by Pdxsharkey (Talk | contribs)

Jump to: navigation, search

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

Description

The Regimented Potential Incident Examination Report (RPIER or RAPIER) is script based incident response tool released under the GPL by Intel. It is a modular framework.

RAPIER is a windows NT based information gathering framework. It was designed to streamline the acquisition of information off of systems in a large scale enterprise network. It was designed with a pretty simple to use GUI so that end-users could be walked through execution of the tool on a system.

Features

  • Modular Design
  • Fully configurable GUI
  • SHA1 verification checksums
  • Auto-update functionality
  • Results can be auto-zipped
  • Auto-uploaded to central repository
  • Email Notification when results are received
  • 2 Default Scan Modes – Fast/Slow
  • Separated output for faster analysis
  • Pre/Post run changes report
  • Configuration File approach
  • Process priority throttling


See Also

List of Script Based Incident Response Tools

External Links