Since the reports are essentially Word documents, you won't be able to filter them either. With a larger data set you will want to be judicious about what goes in the report, or make multiple smaller reports that you combine later. I understand these artifacts produce a ton of data, but what if that was actually your relevant findings? What good is a tool to make a report that can't actually make one? It probably would have been thousands of pages. And who knows how good those parsers are. This is probably because it parses event logs and file system journals. I attempted to use v7 to make a report of all artifacts EnCase parses via the case processor module (or whatever v7 calls it) and the report was so huge that it wouldn't even load.