NEW SANS DFIR Cheat Sheet: A Guide to Eric Zimmerman\\'s command line tools

  • Friday, 07 Apr 2017 1:00PM EDT (07 Apr 2017 17:00 UTC)
  • Speaker: Eric Zimmerman

SANS Instructor and Former FBI Agent Eric Zimmerman has provided several open source command line tools free to the DFIR Community. These open source tools can be used in a wide variety of investigations including cross validation of tools, providing insight into technical details not exposed by other tools, and more. Eric's first Cheat Sheet contains usage for tools for lnk files, jump lists, prefetch, and other artifacts related to evidence of execution. This suite of tools allows for displaying relevant forensic data including exporting data to many commonly used formats. Join Eric as he walks you through his new Cheat Sheet to help you maximize the capabilities of his tools. Be one of the first to download this new SANS resource and take advantage of it in your investigations.

To download Eric Zimmerman's Free Open source Command Line Tools, visit: https://ericzimmerman.github.io/