Editing Forensic Acquistion Utilities

Jump to navigation Jump to search

Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.

Latest revision Your text
Line 1: Line 1:
#REDIRECT [[Forensic Acquisition Utilities]]
 
 
 
{{Infobox_tool
 
{{Infobox_tool
|purpose=A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment.
+
|purpose= A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment.
 
|image=
 
|image=
|homepage=http://www.gmgsystemsinc.info/fau/
+
|homepage= http://www.gmgsystemsinc.com/fau/
|license= Open License
+
|license=
|platforms=Microsoft Windows
+
|platforms=
 
}}
 
}}
  
Line 14: Line 12:
  
 
= Description =
 
= Description =
A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment. The components in the collection are intended to permit the investigator to sterilize media for forensic duplication, discover where logical volume information is located and to collect the evidence from a running computer system while at the same time ensuring data integrity (e.g. with a cryptographic checksums) and while minimizing distortive alterations to the subject system. The FAU is distributed under the GMG Systems, Inc. Open License.
+
A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment.
 
 
it includes
 
*Dd.exe:  An implementation inspired by the GNU dd utility program.
 
*Volume_dump.exe: A utility to dump volume information and drive information and USN journals.
 
*FMData.exe: A utility to collect files system metadata, to produce and verify security catalogs (cryptographic hash sets) using one or more cryptographic hash algorithms and to verify system binaries using the system file checker (SFC) API.
 
* Wipe.exe:  A utility to sterilize media prior to forensic duplication.
 
* Nc.exe:  Implantation of Netcat utility.
 
*Zlib.dll:  A version of Jean-loup Gailly and Mark Adler’s Zlib (currently version 1.2.3).
 
*Bzip2.dll:  A version of J. Seward’s bzip2 library (currently 1.0.4).
 
*Boost_regex-vc80-mt-1_34.dll: Boost’s regular expression library.
 
*Fauerror_xxx.dll: A series of dynamic link libraries (dll’s) that contain the localized language strings for FAU output.
 
 
 
  
 
= User Experiences =
 
= User Experiences =
Line 32: Line 18:
  
 
= Development Activity =
 
= Development Activity =
Forensic Acquisition Utilities (FAU) is a product of GMG Systems, Inc first release in 2002 by George M. Garner Jr. Version 1.5.0.2525 was released on 19 May 2016 and is available at https://web.archive.org/web/20160719193011/http://www.gmgsystemsinc.info/fau/7d137db0-ae88-4519-a29e-42f5c5d591de/FAU-1.5.0.2525.zip
 
 
{{Infobox_tool_details
 
|ohloh_id=Forensic Acquistion Utilities
 
}}
 

Please note that all contributions to COPTR are considered to be released under the Attribution-ShareAlike 3.0 Unported (see COPTR:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

To edit this page, please answer the question that appears below (more info):

Cancel Editing help (opens in new window)

Templates used on this page:

Retrieved from ‘https://coptr.digipres.org/index.php/Forensic_Acquistion_Utilities