Difference between revisions of "Forensic Acquisition Utilities"

From COPTR
(Created page with "{{Infobox_tool |purpose=A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment. |image= ...")
 
 
Line 1: Line 1:
{{Infobox_tool
+
{{Infobox tool
 
|purpose=A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment.
 
|purpose=A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment.
|image=
 
 
|homepage=http://www.gmgsystemsinc.info/fau/
 
|homepage=http://www.gmgsystemsinc.info/fau/
|license= Open License
+
|license=Open License
 
|platforms=Microsoft Windows
 
|platforms=Microsoft Windows
 +
|function=Forensic
 +
}}
 +
{{Infobox tool details
 +
|ohloh_id=Forensic Acquistion Utilities
 
}}
 
}}
 
<!-- Delete the Categories that do not apply -->
 
[[Category:Forensic]]
 
 
 
 
= Description =
 
= Description =
 
A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment.  The components in the collection are intended to permit the investigator to sterilize media for forensic duplication, discover where logical volume information is located and to collect the evidence from a running computer system while at the same time ensuring data integrity (e.g. with a cryptographic checksums) and while minimizing distortive alterations to the subject system. The FAU is distributed under the GMG Systems, Inc. Open License.
 
A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment.  The components in the collection are intended to permit the investigator to sterilize media for forensic duplication, discover where logical volume information is located and to collect the evidence from a running computer system while at the same time ensuring data integrity (e.g. with a cryptographic checksums) and while minimizing distortive alterations to the subject system. The FAU is distributed under the GMG Systems, Inc. Open License.
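Review bot: the added `|ohloh_id=Forensic Acquistion Utilities` line inside the new `{{Infobox tool details` block keeps the misspelling "Acquistion" that the old revision also had. If the value is supposed to match the tool's name it should read "Forensic Acquisition Utilities", and it is worth confirming that this is the identifier the widget actually looks up. The template comment `<!-- Delete the Categories that do not apply -->` is still present even though only `[[Category:Forensic]]` remains, so it can be dropped in the same edit.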
Line 31: Line 29:
 
= Development Activity =
 
= Development Activity =
 
Forensic Acquisition Utilities (FAU) is a product of GMG Systems, Inc first release in 2002 by George M. Garner Jr. Version 1.5.0.2525 was released on 19 May 2016 and is available at https://web.archive.org/web/20160719193011/http://www.gmgsystemsinc.info/fau/7d137db0-ae88-4519-a29e-42f5c5d591de/FAU-1.5.0.2525.zip
 
Forensic Acquisition Utilities (FAU) is a product of GMG Systems, Inc first release in 2002 by George M. Garner Jr. Version 1.5.0.2525 was released on 19 May 2016 and is available at https://web.archive.org/web/20160719193011/http://www.gmgsystemsinc.info/fau/7d137db0-ae88-4519-a29e-42f5c5d591de/FAU-1.5.0.2525.zip
 
{{Infobox_tool_details
 
|ohloh_id=Forensic Acquistion Utilities
 
}}
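Review bot: the `{{Infobox_tool_details` block with `|ohloh_id=` appears only on the old side at the end of Development Activity, so after this change the section consists of the release paragraph alone. While the section is being touched, fix "first release in 2002" to "first released in 2002" in that unchanged paragraph, and add the missing full stop after "GMG Systems, Inc".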
 

Latest revision as of 14:42, 22 April 2021



A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment.
Homepage: http://www.gmgsystemsinc.info/fau/
License: Open License
Platforms: Microsoft Windows
Function: Forensic




Description

A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment. The components in the collection are intended to permit the investigator to sterilize media for forensic duplication, discover where logical volume information is located, and collect evidence from a running computer system while ensuring data integrity (e.g. with cryptographic checksums) and minimizing distortive alterations to the subject system. The FAU is distributed under the GMG Systems, Inc. Open License.

It includes:

  • Dd.exe: An implementation inspired by the GNU dd utility program.
  • Volume_dump.exe: A utility to dump volume information and drive information and USN journals.
  • FMData.exe: A utility to collect file system metadata, to produce and verify security catalogs (cryptographic hash sets) using one or more cryptographic hash algorithms, and to verify system binaries using the system file checker (SFC) API.
  • Wipe.exe: A utility to sterilize media prior to forensic duplication.
  • Nc.exe: An implementation of the Netcat utility.
  • Zlib.dll: A version of Jean-loup Gailly and Mark Adler’s Zlib (currently version 1.2.3).
  • Bzip2.dll: A version of J. Seward’s bzip2 library (currently 1.0.4).
  • Boost_regex-vc80-mt-1_34.dll: Boost’s regular expression library.
  • Fauerror_xxx.dll: A series of dynamic link libraries (DLLs) that contain the localized language strings for FAU output.


User Experiences

Development Activity

Forensic Acquisition Utilities (FAU) is a product of GMG Systems, Inc., first released in 2002 by George M. Garner Jr. Version 1.5.0.2525 was released on 19 May 2016 and is available at https://web.archive.org/web/20160719193011/http://www.gmgsystemsinc.info/fau/7d137db0-ae88-4519-a29e-42f5c5d591de/FAU-1.5.0.2525.zip