Difference between pages "GRR" and "Windows Forensic Toolchest"

From ForensicsWiki
(Difference between pages)
 
 
Line 1: Line 1:
 +
{{Expand}}
 +
 
{{Infobox_Software |
 
{{Infobox_Software |
   name = GRR |
+
   name = Windows Forensic Toolchest (WFT_ |
   maintainer = [[Darren Bilby]] and others |
+
   maintainer = Fool Moon Software |
   os = {{Cross-platform}} |
+
   os = {{Windows}} |
 
   genre = {{Incident response}} |
 
   genre = {{Incident response}} |
   license = {{APL}} |
+
   license = {{commercial}} |
   website = [https://code.google.com/p/grr/ code.google.com/p/grr/] |
+
   website = [http://www.foolmoon.net/security/wft/ www.foolmoon.net/security/wft/] |
 
}}
 
}}
  
GRR is an Incident Response Framework focused on Remote Live Forensics.
+
== External Links ==
 
+
* [http://www.foolmoon.net/security/wft/ Official website]
The disk and file system analysis capabilities of GRR are provided by the [[sleuthkit]] and [[pytsk]] projects.
+
 
+
The memory analysis and acquisition capabilities of GRR are provided by the [[rekall]] project.
+
 
+
= See also =
+
* [[pytsk]]
+
* [[rekall]]
+
* [[sleuthkit]]
+
 
+
= External Links =
+
* [https://code.google.com/p/grr/ Project site]
+
* [https://code.google.com/p/grr/wiki/ProjectFAQ Project FAQ]
+
* [http://grr.googlecode.com/git/docs/index.html Documentation]
+
 
+
== Publications ==
+
* [http://static.googleusercontent.com/media/research.google.com/en/us/pubs/archive/37237.pdf Distributed forensics and incident response in the enterprise], by [[Michael Cohen]], [[Darren Bilby]], G. Caronni. Digital Investigation, 2011.
+
* [https://googledrive.com/host/0B9hc84IflFGbN2IwMTUyYTUtMTU0Mi00ZWQ3LWFhNDktM2IyMTg5MmY3OWI0/Hunting%20in%20the%20Enterprise:%20Forensic%20Triage%20and%20Incident%20Response Hunting in the enterprise: Forensic triage and incident response], by [[Andreas Moser]], [[Michael Cohen]], Digital Investigation, 2013.
+
 
+
== Presentations ==
+
* [https://googledrive.com/host/0B1wsLqFoT7i2N3hveC1lSEpHUnM/Docs/GRR%20Rapid%20Response%20-%20OSFC%202012.pdf OSDFC 2012 GRR Overview], by [[Darren Bilby]]
+
 
+
== Workshops ==
+
* [https://drive.google.com/?usp=chrome_app#folders/0B1wsLqFoT7i2eU1jU0JldW9JUU0 OSDFC workshop 2013], by [[Darren Bilby]]
+
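Review bot: the infobox name on the Windows Forensic Toolchest side reads "Windows Forensic Toolchest (WFT_", with an underscore where the closing parenthesis belongs; it should read "(WFT)" so the infobox title renders correctly. The same side also uses "== External Links ==" as its only section and has no descriptive sentence after the infobox, so a one-line description of the tool would be worth adding alongside the {{Expand}} tag.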

Revision as of 04:24, 18 January 2014


Please help to improve this article by expanding it.
Further information might be found on the discussion page.

Windows Forensic Toolchest (WFT)
Maintainer: Fool Moon Software
OS: Windows
Genre: Incident Response
License: Commercial
Website: www.foolmoon.net/security/wft/

External Links