![]() ![]() Reorganized the output files and directories in a more logical manner. ![]() DFIRtriage may be ran from a USB drive or executed remotely on the target host. Upon execution, select host data and information will be gathered and placed into the execution directory. ![]() AboutĭFIRtriage is an incident response tool designed to provide the Incident Responder with rapid host data. The goal is to equip the Incident Responder with the tools needed to gather and analyze data quickly. Also included is detailed information to help with analysis of the output. This document outlines the functionality and proper use of the DFIRtriage tool. To run, drop dfirtriage.exe on the target or connected USB drive and execute with admin rights, -h for help.ĭFIRTriage v6.0 User's Manual Description Digital forensic acquisition tool for Windows-based incident response. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |