The Forensic ToolKit contains several Win32 Command line tools that help you examine the files on a NTFS disk partition for unauthorized activity. This tool is a file properties analyzer. It performs numerous functions such as examine the files on a disk drive for unauthorized activity, lists files by their last access time, search for access times between certain time frames, scan the disk for hidden files and data streams. The Forensic toolkit will also dump file and security attributes, report on audited files, discover altered ACL's and see if a server reveals too much info via NULL sessions.
http://www.foundstone.com/knowledge/free_tools.html
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment