📝 Notes🔒 SecurityOthersUtils Tools

[Tools] Utils Tools

Autopsy (ex1,3)

Full scan and check USB / Hard Driver files and folders

  • Generate a report of all files with like (images, docs, pdf, video, HTML…)
  • Can view single file hexadecimal(Hex)

Sleuthkit (ex5)

Analyze disk images and recover files from them

  • Can see harddisk file system, OS, volume ID or serial number, volume label or name, sector or inode size, cluster or block size…

HashCalc (ex6,7)

Allows to compute message digests, checksums and HMACs for files, as well as for text and hex strings.

  • See info like MD5 hash
  • wolframalpha can see SHA1 and MD5 (ex6)

FTK (Forensic Toolkit) Imager (ex4, 8)

Full scan and examine USB / Hard Driver informations

  • Can see sectors per track the sector size…
  • Recover files / folders

Registry Editor (ex2, 10)

Windows conrtoller

  • StorageDevicePolicies -> (WriteProtect[1] = locked): Lock the USB read / write permission
  • Check windows info (code, date…)

WinHex (ex9)

Check all files headers (file signatures) https://www.garykessler.net/library/file_sigs.html

WRR (Windows Registry Recovery) (ex11)

Recover all Registry and see details with GUI.

RegRipper (ex12)

Recover all Registry, generate logs see details.

ExifRead (ex13)

Exam images Exif data

Privilege EscalationInformation Gathering Tool