Difference between revisions of "Forensic Acquistion Utilities"

From COPTR
(Import from spreadsheet via script.)
(added basic history and fixed broken url)
Line 2: Line 2:
 
|purpose=A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment.
 
|purpose=A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment.
 
|image=
 
|image=
|homepage=http://www.gmgsystemsinc.com/fau/
+
|homepage=http://www.gmgsystemsinc.info/fau/
|license=
+
|license= Open License
|platforms=
+
|platforms=Microsoft Windows
 
}}
 
}}
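Review bot: The new "|license= Open License" value has a stray leading space and is less specific than the name the Description text uses ("GMG Systems, Inc. Open License"); suggest "|license=GMG Systems, Inc. Open License". The homepage moves from gmgsystemsinc.com to gmgsystemsinc.info and is still plain http, so the edit summary should say where the new address comes from, since readers will download forensic tooling from it.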
  
Line 12: Line 12:
  
 
= Description =
 
= Description =
A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment.
+
A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment. The components in the collection are intended to permit the investigator to sterilize media for forensic duplication, discover where logical volume information is located and to collect the evidence from a running computer system while at the same time ensuring data integrity (e.g. with a cryptographic checksums) and while minimizing distortive alterations to the subject system. The FAU is distributed under the GMG Systems, Inc. Open License.
 +
 
 +
it includes
 +
*Dd.exe:  An implementation inspired by the GNU dd utility program.
 +
*Volume_dump.exe: A utility to dump volume information and drive information and USN journals.
 +
*FMData.exe: A utility to collect files system metadata, to produce and verify security catalogs (cryptographic hash sets) using one or more cryptographic hash algorithms and to verify system binaries using the system file checker (SFC) API.
 +
* Wipe.exe:  A utility to sterilize media prior to forensic duplication.
 +
* Nc.exe:  Implantation of Netcat utility.
 +
*Zlib.dll:  A version of Jean-loup Gailly and Mark Adler’s Zlib (currently version 1.2.3).
 +
*Bzip2.dll:  A version of J. Seward’s bzip2 library (currently 1.0.4).
 +
*Boost_regex-vc80-mt-1_34.dll: Boost’s regular expression library.
 +
*Fauerror_xxx.dll: A series of dynamic link libraries (dll’s) that contain the localized language strings for FAU output.
 +
 
  
 
= User Experiences =
 
= User Experiences =
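Review bot: In the added Nc.exe bullet, "Implantation of Netcat utility" should read "Implementation of the Netcat utility". The same hunk also has "a cryptographic checksums" (drop the "a"), "files system metadata" (should be "file system metadata"), a lower-case "it includes" with no colon, and inconsistent spacing after the "*" list markers (the Wipe.exe and Nc.exe bullets have a space, the others do not).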
Line 18: Line 30:
  
 
= Development Activity =
 
= Development Activity =
 +
Forensic Acquisition Utilities (FAU) is a product of GMG Systems, Inc first release in 2002 by George M. Garner Jr. Version 1.5.0.2525 was released on 19 May 2016 and is available at http://www.gmgsystemsinc.info/fau/7d137db0-ae88-4519-a29e-42f5c5d591de/FAU-1.5.0.2525.zip
  
 
{{Infobox_tool_details
 
{{Infobox_tool_details
 
|ohloh_id=Forensic Acquistion Utilities
 
|ohloh_id=Forensic Acquistion Utilities
 
}}
 
}}
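Review bot: The added history sentence reads "Inc first release in 2002"; it should be "Inc., first released in 2002", and the sentence needs a closing period after the URL. The download link points at a plain-http .zip with no checksum stated next to it, so for a forensic toolkit consider linking the homepage instead, or adding the vendor's published hash if one exists. The unchanged ohloh_id line still carries the "Acquistion" spelling.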

Revision as of 21:07, 22 May 2018

A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment.
Homepage: http://www.gmgsystemsinc.info/fau/
License: Open License
Platforms: Microsoft Windows


Description

A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment. The components in the collection are intended to permit the investigator to sterilize media for forensic duplication, to discover where logical volume information is located, and to collect evidence from a running computer system while ensuring data integrity (e.g. with cryptographic checksums) and minimizing distortive alterations to the subject system. The FAU is distributed under the GMG Systems, Inc. Open License.

It includes:

  • Dd.exe: An implementation inspired by the GNU dd utility program.
  • Volume_dump.exe: A utility to dump volume information, drive information and USN journals.
  • FMData.exe: A utility to collect file system metadata, to produce and verify security catalogs (cryptographic hash sets) using one or more cryptographic hash algorithms, and to verify system binaries using the system file checker (SFC) API.
  • Wipe.exe: A utility to sterilize media prior to forensic duplication.
  • Nc.exe: An implementation of the Netcat utility.
  • Zlib.dll: A version of Jean-loup Gailly and Mark Adler’s Zlib (currently version 1.2.3).
  • Bzip2.dll: A version of J. Seward’s bzip2 library (currently 1.0.4).
  • Boost_regex-vc80-mt-1_34.dll: Boost’s regular expression library.
  • Fauerror_xxx.dll: A series of dynamic link libraries (DLLs) that contain the localized language strings for FAU output.


User Experiences

Development Activity

Forensic Acquisition Utilities (FAU) is a product of GMG Systems, Inc., first released in 2002 by George M. Garner Jr. Version 1.5.0.2525 was released on 19 May 2016 and is available at http://www.gmgsystemsinc.info/fau/7d137db0-ae88-4519-a29e-42f5c5d591de/FAU-1.5.0.2525.zip
