all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Remote Forensics on Live Systems

Add to bookmarks
June 13, 2022, 1:58 p.m. | /u/kevinelwell

Computer Forensics www.reddit.com

I posted in /r/CrowdStrike about [using Real Time Response to perform forensics](https://www.reddit.com/r/crowdstrike/comments/vbcmyo/rtr_forensics/).

TL;DR

While CrowdStrike offers Falcon Forensics, some organizations have not purchased it. I have seen a post mentioning [KAPE, Kansa and PowerForensics](https://www.reddit.com/r/crowdstrike/comments/iyunpu/kape_with_rtr/). However, both the Kansa and PowerForensics projects seem to be unmaintained.

Additionally, there were concerns about using KAPE as it could over-write memory, HDD space, etc. For Falcon Forensics, an EXE has to be copied (if not already present on the endpoint) and executed. Couldn't that …

computerforensics forensics live systems

Visit resource

More from www.reddit.com / Computer Forensics

Horus v1.2.1 Released! (An OSINT / digital forensics tool built in Python - formerly 'Sentinel') 2 days, 13 hours ago | www.reddit.com
1.2.1 api assistance computerforensics +16
Any recommendations for textbooks I can read to get an introduction to digital forensics? 6 days ago | www.reddit.com
books can cissp computerforensics +10
Software Recommendations 6 days, 19 hours ago | www.reddit.com
aim appointments cellebrite clients +19
Interesting argument in Qualification and Forensics tools 1 week ago | www.reddit.com
argument computerforensics forensics forensics tools +1
Online websites or resources for DFIR reports 1 week, 1 day ago | www.reddit.com
actor attack blog computerforensics +12
Autopsy How can i fix this grey out tab? 1 week, 1 day ago | www.reddit.com
autopsy can computerforensics fix +1
Sentinel - A digital forensics / investigations assistance tool built with Python 1 week, 2 days ago | www.reddit.com
api assistance called computerforensics +14
2024 Internships for Undergraduates 1 week, 2 days ago | www.reddit.com
colleges companies computerforensics conference +11
TPM - capture process 1 week, 2 days ago | www.reddit.com
boot can capture cold +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Penetration Tester

@ Resillion | Bengaluru, India
View on infosec-jobs.com

Senior Backend Software Engineer (Java) - Privacy Engineering (Open to remote across ANZ)

@ Canva | Sydney, Australia
View on infosec-jobs.com

(Senior) Information Security Professional (w/m/d)

@ IONOS | Deutschland - Remote
View on infosec-jobs.com

Information Security (Incident Response) Intern

@ Eurofins | Katowice, Poland
View on infosec-jobs.com

Game Penetration Tester

@ Magic Media | Belgrade, Vojvodina, Serbia - Remote
View on infosec-jobs.com
View more jobs