
List:       forensics
Subject:    Re: Nigilant32 - Free Windows Incident Response Tool based on Sleuthkit - Final Article Released
From:       "Jason T. Hallahan" <jthallah () gmail ! com>
Date:       2006-07-12 20:46:19
Message-ID: aa0c615b0607121346q30e33d96kc1ee172f54c9d18a () mail ! gmail ! com

Hello list,

Are there any other products out on the market with similar
functionality, specifically "capture as much information as possible
from a running system with the smallest potential impact"? Anything
else open-source with available code?

Thanks!

On 7 Jul 2006 14:59:03 -0000, mshannon@agilerm.net <mshannon@agilerm.net> wrote:
> To all-
> 
> 
> Agile Risk Management is committed to advancing information security concepts,
> technology, and techniques. As such, we have recently released Nigilant32, a
> freeware Windows GUI Incident Response tool based on the source code provided by
> Sleuthkit.
> 
> Nigilant32 is an incident response tool designed to capture as much information as
> possible from a running system with the smallest potential impact. Nigilant32 has
> been developed with Windows 2000, XP, and 2003 in mind, and should work fine with
> computers running one of those operating systems. Nigilant32 is beta software and
> may not work in all instances.
> 
> The third article in our series of "Nigilant32 For First Responders" articles is
> "Active Memory Imaging". This article covers using Nigilant32 to image the active
> physical memory (RAM) of the suspect workstation or server to secure portable
> media. Make sure you download the article, as the last pages contain a sneak
> preview of the current project being developed in the Agile Research Lab.
> 
> We sincerely hope you find Nigilant32 useful, however please remember, it is beta
> software therefore you should exercise good judgment when using it in your IT
> environment.
> 
> Nigilant32, articles (as they are released), and modified Sleuthkit source code
> (libsleuthkit) are available at http://www.agilerm.net/publications_4.html
> 
> Warmest Regards,
> 
> 
> Matthew M Shannon, CIFI, CISSP
> 
> Principal - Computer Forensics and Litigation Support
> 
> Agile Risk Management LLC
> 
> 2202 N Westshore Blvd, Suite 200
> 
> Tampa, FL 33607
> 
> (M) 813.732.5076
> 
> (O) 1.877.AGILE13 (877.244.5313)
> 
> www.agileriskmanagement.com
> 
> 

