File Name: IRCR Version 2.3 (zip)
Description:
 

*** Use with Helix v1.8 only ***

The Incident Response Collection Report is a script to call a collection of tools that gathers
and/or analyzes data on a Microsoft Windows system. You can think of this as a snapshot of the
system in the past. Most of the tools are oriented towards data collection rather than analysis.

Changes:

 

Various:

Fixed all path and command locations to meet Helix v1.8 areas
Added USBDeview.exe from Nirsoft
Added history.dat
Added Foundstone tool pasco.exe
MD5 Checksum: 98D72034D5D39C40A39CC6FB8B2C53EA
Requirements: Make sure you read the README.txt in the zip file and you will need the Helix version 1.8 "IR" folder
in order to run IRCRv2. You can download Helix here.

File Name: IRCR Version 2.2 (zip)
Description:
 		 The Incident Response Collection Report is a script to call a collection of tools that gathers
and/or analyzes data on a Microsoft Windows system. You can think of this as a snapshot of the
system in the past. Most of the tools are oriented towards data collection rather than analysis.
Changes: Various
MD5 Checksum: 586E4AFAC375282FFCBD44DDF326BC59
Requirements: Make sure you read the README.txt in the zip file and you will need the Helix version 1.7 "IR" folder
in order to run IRCRv2. You can download Helix here.

File Name: IRCR Version 2.1 (zip)
Description:
 		 Incident Response Collection Report version 2 is a complete code change from Perl to DOS batch
file. Anyone should be able to modify the batch file to suite your needs.
Changes: Various
MD5 Checksum: 7061fd54ada29878c7b513b9cff1bc39
Requirements: Make sure you read the README.txt in the zip file and you will need the Helix version 1.7 "IR" folder
in order to run IRCRv2. You can download Helix here.

File Name: MacHash (zip, src)
Description:
 		 View MAC times and hash a file. Just unzip into whatever directory. Written in Visual Basic 6.
Changes: Various
MD5 Checksum: 50aa57e799968ec1a023acbf7f82f31a
Requirements: Visual Basic Runtime v6.0 - You may need this to run machash. It depends on how your computer was setup. (Exe)


eXTReMe Tracker