TCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, Solaris, and SunOS. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.
4c8e343453332bd1fdf0627f9b888e2a4f597e70b367f124cc7f2562558213a1
TCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, Solaris, and SunOS. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.
40c43f9dd527192a2d17123c639020ca7431eb4a2af3dc31432c14373fcc0856
TCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, Solaris, and SunOS. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.
e4438d2f382400b4536a7defbae70fd2a6c1e333051c013b1c5bebb0630a46cd
TCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, and Solaris. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.
fce955a06d118664ebcbb0d9360ef897a8c0150f57b63742153a2faa4d4d662b
Cops and Robbers.
caf47149c569124818a58fd9ed0e26c78ca1419aa2e179bf6d545d84ed239215