DIGITAL FORENSICS: Automate Live Response
Live Response Collection – Cedarpelta Build – Automated tool that collects volatile data from Windows, OSX/macOS, and *nix based operating systems
1. Go to the Windows Live Response directory.
2. Double click on the “Windows Live Response Collection.exe” file.
3. A window will appear, similar to the one below:
4. Now, just to do a quick test, let’s use the third option titled “Secure-Triage” and then click the “Run Selected Windows Live Response Script.”
5. It will take some time to complete and then you will be presented with a “Press any key to continue.” Before you press the Enter key, make sure you have recorded the key to open the encrypted 7zip archive. Without this key you won’t be able to open the final archive; you have been warned.
6. I recommend that you open the archive and check its contents.
Event Log
Network Info
Ref: brimorlabs
* If there are any errors in this information, I apologize. Please notify the Admin so that it can be corrected.
Thank you.