For many years now I’ve tried to do all my live collection on systems via command line scripts. The goal when I wrote the script (and still) is for this to be a fully-automated, single click execution. The reason being is that it allows me to hand the imaging task off to people that are technical […]

These are useful command lines that are all based on built-in Windows programs. They were tested on Windows 7, but most should be present on WinXP as well. Unlike the previous two blog posts, these are all about what is already present on the system. So, these are things you can do during live collection […]

There is no contesting that the command line in a Linux/Mac environment kicks Windows’s cmd.exe without even trying hard. There are entire blogs dedicated to how wonderful it is. But, most of the commercial forensics tools are Windows only, relegating many of us to that environment. My ideal setup is a Mac running Windows inside Fusion, […]