
Difference between pages "GRR" and "Windows Forensic Toolchest"

From ForensicsWiki
 
 
Line 1: Line 1:
 +
{{Expand}}
 +
 
{{Infobox_Software |
 
{{Infobox_Software |
   name = GRR |
+
   name = Windows Forensic Toolchest (WFT_ |
   maintainer = [[Darren Bilby]] and others |
+
   maintainer = Fool Moon Software |
   os = {{Cross-platform}} |
+
   os = {{Windows}} |
 
   genre = {{Incident response}} |
 
   genre = {{Incident response}} |
   license = {{APL}} |
+
   license = {{commercial}} |
   website = [https://code.google.com/p/grr/ code.google.com/p/grr/] |
+
   website = [http://www.foolmoon.net/security/wft/ www.foolmoon.net/security/wft/] |
 
}}
 
}}
  
GRR is an Incident Response Framework focused on Remote Live Forensics.
+
== External Links ==
 
+
* [http://www.foolmoon.net/security/wft/ Official website]
The disk and file system analysis capabilities of GRR are provided by the [[sleuthkit]] and [[pytsk]] projects.
+
 
+
The memory analysis and acquisition capabilities of GRR are provided by the [[rekall]] project.
+
 
+
= See also =
+
* [[pytsk]]
+
* [[rekall]]
+
* [[sleuthkit]]
+
 
+
= External Links =
+
* [https://code.google.com/p/grr/ Project site]
+
* [https://code.google.com/p/grr/wiki/ProjectFAQ Project FAQ]
+
* [http://grr.googlecode.com/git/docs/index.html Documentation]
+
 
+
== Publications ==
+
* [http://static.googleusercontent.com/media/research.google.com/en/us/pubs/archive/37237.pdf Distributed forensics and incident response in the enterprise], by [[Michael Cohen]], [[Darren Bilby]], G. Caronni. Digital Investigation, 2011.
+
* [https://googledrive.com/host/0B9hc84IflFGbN2IwMTUyYTUtMTU0Mi00ZWQ3LWFhNDktM2IyMTg5MmY3OWI0/Hunting%20in%20the%20Enterprise:%20Forensic%20Triage%20and%20Incident%20Response Hunting in the enterprise: Forensic triage and incident response], by [[Andreas Moser]], [[Michael Cohen]], Digital Investigation, 2013.
+
 
+
== Presentations ==
+
* [https://googledrive.com/host/0B1wsLqFoT7i2N3hveC1lSEpHUnM/Docs/GRR%20Rapid%20Response%20-%20OSFC%202012.pdf OSDFC 2012 GRR Overview], by [[Darren Bilby]]
+
 
+
== Workshops ==
+
* [https://drive.google.com/?usp=chrome_app#folders/0B1wsLqFoT7i2eU1jU0JldW9JUU0 OSDFC workshop 2013], by [[Darren Bilby]]
+
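Review bot: In the infobox on the Windows Forensic Toolchest side, the name field reads `name = Windows Forensic Toolchest (WFT_ |`, with an underscore where the closing parenthesis belongs; it should be `(WFT) |` so the rendered title is not left with an unclosed parenthesis. That side also consists only of the infobox and an External Links entry, with no sentence saying what the tool does, so a one-line description under the infobox (as the GRR side has) would let the {{Expand}} tag be dropped later.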

Revision as of 09:24, 18 January 2014

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

Windows Forensic Toolchest (WFT)
Maintainer: Fool Moon Software
OS: Windows
Genre: Incident Response
License: Commercial
Website: www.foolmoon.net/security/wft/

External Links