Timestomp.exe

By Chetan Gupta, NII Consulting
A supposedly nightmarish tool for the investigator community! Recently this tool was released at the Metasploit anti-forensics site and is available here. As the website mentions, this tool can be a headache for any forensic investigator and a handy tool for anyone mischievous since it has the ability to change […]

Amazing Tasklist Utility!

By Chetan Gupta, NII Consulting
I was looking for a utility which allows me to remotely access the list of running processes on a suspect machine running Windows OS. I found this wonderful utility which allows one to not only view the processes and their PIDs but also filter the processes according to certain criteria such as […]

XP Built-in monitoring feature

By Chetan Gupta, NII Consulting
Windows XP has a built-in feature, UserAssist, that acts as a monitoring tool and greatly aids in the forensic investigation of Windows operating systems. UserAssist records user access of specific objects on the system, such as executables, Control Panel applets, shortcut files, etc. This is stored in the registry […]