Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update bat for live parsing #7

Closed
nwf9 opened this issue Jan 22, 2019 · 4 comments
Closed

Update bat for live parsing #7

nwf9 opened this issue Jan 22, 2019 · 4 comments
Assignees
@diogo-fernan
Labels
enhancement wontfix

Comments

@nwf9
Copy link

nwf9 commented Jan 22, 2019

Hi Diogo,

Is it possible to update your batch script to include the live command capabilites for Eric Zimmerman tools like MFT,Amcache and so on.
@diogo-fernan
Copy link
Owner

Hey there,

What do you mean by live command capabilities? To provide support for customization of command parameters for the tools of Eric Zimmerman and possibly others?

Cheers

@diogo-fernan diogo-fernan self-assigned this Jan 26, 2019
@nwf9
Copy link
Author

nwf9 commented Jan 30, 2019

I mean live response instead of collecting all those artifact.

@diogo-fernan
Copy link
Owner

That would be a new tool entirely that falls out of the scope of batch forensics that this utility was written for. Have a look at https://github.com/google/grr for a live forensics tool.

@nwf9
Copy link
Author

nwf9 commented Feb 3, 2019

I’m not talking about an agent but only an improvement of this script to handle the locked files instead of grab something.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@diogo-fernan diogo-fernan

Labels
enhancement wontfix
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nwf9 @diogo-fernan