ftriage: automating forensic artifact acquisition, reduction, and analysis

My attempt at automating forensic artifact acquisition, reduction, and analysis.

fTriage leverages dozens of popular, open-source tools to triage suspect memory/disk image(s). Each script automates a step in the investigation that an analyst would otherwise perform manually. Moreover, I’ve written a wrapper to execute collections of data acquisition scripts. There is no limit to how many scripts you can run at once, but naturally some need to be run before others; review the “Recommended Usage” section for example usage of prebuilt script lists.

https://github.com/matthewclarkmay/ftriage

 
