A small collection of scripts for use during the triage phase of a DFIR investigation.
Output from each utility is printed to a dedicated text file to be reviewed independently and submitted as part of the DFIR process.
A Windows Batch script that collects IP addresses, running processes, users, groups, and other information from Windows-based systems.
A Windows PowerShell script that collects IP addresses, running processes, users, groups, and other information from Windows-based systems.
A Linux Bash script that collects IP addresses, running processes, users, groups, and other information from Linux-based systems.
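A sketch of the pattern the Linux script description outlines, one dedicated text file per utility, written here as an added example and not taken from the repository's own script. It goes beyond the description by recording missing tools and exit codes and by writing a SHA-256 manifest; the function names, output file names and `MANIFEST.sha256` are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not the repository's script. Function names, file stems and
# the MANIFEST.sha256 file are assumptions made for illustration.

# collect DIR STEM CMD [ARGS...]: run one utility, write DIR/STEM.txt.
# The body is a subshell so its variables do not leak into the caller.
collect() (
    out="$1/$2.txt"; shift 2
    {
        printf '# command: %s\n' "$*"
        printf '# collected_utc: %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)"
    } > "$out"
    # A missing tool is recorded instead of silently producing an empty file.
    if ! command -v "$1" >/dev/null 2>&1; then
        printf '# status: not-found\n' >> "$out"
        return 0
    fi
    rc=0
    # stderr is kept with stdout so tool errors are part of the record.
    "$@" >> "$out" 2>&1 || rc=$?
    printf '# exit_status: %s\n' "$rc" >> "$out"
)

# triage_collect DIR: gather the categories the page lists, one file each.
triage_collect() (
    dir=$1
    umask 077                       # output readable by the collecting user only
    mkdir -p "$dir" || return 1
    collect "$dir" hostname     hostname
    collect "$dir" ip_addresses ip addr show
    collect "$dir" processes    ps -ef
    collect "$dir" users        cat /etc/passwd
    collect "$dir" groups       cat /etc/group
    collect "$dir" logged_in    who
    # Hash every output file so later changes to a file can be detected.
    if command -v sha256sum >/dev/null 2>&1; then
        ( cd "$dir" && sha256sum ./*.txt > MANIFEST.sha256 )
    fi
)

# Stand-alone use: ./triage.sh --collect /path/to/output_dir
if [ "${1:-}" = "--collect" ] && [ -n "${2:-}" ]; then
    triage_collect "$2"
fi
```

Write the output directory to external or otherwise separate media where possible, so that collection does not overwrite data on the system being triaged.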