Common Classes Of Tools Flashcards
1
Q
Network Capturing and Monitoring tools
A
tcpdump - Linux/Unix command-line tool that captures traffic (built on libpcap, filtered with BPF expressions) and writes it to .pcap files.
NetworkMiner, Wireshark - tools for packet capture and analysis. Wireshark captures live traffic and dissects it protocol by protocol; NetworkMiner is a passive network-forensics tool that parses captures into hosts, sessions and extracted files.
Microsoft Message Analyzer - captured and displayed network messaging traffic, covering what the two above do, and could additionally parse, aggregate and analyse log and trace files (e.g. ETW). Retired by Microsoft in 2019.
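All three tools on this card write or read the same libpcap (.pcap) file format, so a small reader is the quickest way to see what "packet capture" actually stores. The block below is an added example, not code from tcpdump, Wireshark or NetworkMiner. It assumes a little-endian pcap with Ethernet frames carrying IPv4 TCP/UDP (other link types and protocols are skipped), builds a constructed three-packet capture using RFC 5737 documentation addresses, and prints a tcpdump -nn style line per packet plus a "who talks to what" count.

```python
"""Minimal reader for the libpcap (.pcap) format that tcpdump and Wireshark
write and that NetworkMiner and Wireshark read back. Added example, not code
from any of those tools. Assumes a little-endian pcap with Ethernet frames
carrying IPv4 TCP/UDP; other link types and protocols are skipped."""
import socket
import struct
from collections import Counter
from typing import Dict, List, Tuple

PCAP_MAGIC_LE = 0xA1B2C3D4   # little-endian, microsecond timestamps
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800

Record = Tuple[str, str, str, int, int]   # src, dst, proto, sport, dport


def parse_pcap(data: bytes) -> List[Record]:
    """Walk the 24-byte global header and the packet records, one 5-tuple per IPv4 packet."""
    magic, _vmaj, _vmin, _tz, _sig, _snap, linktype = struct.unpack_from("<IHHiIII", data, 0)
    if magic != PCAP_MAGIC_LE:
        raise ValueError("not a little-endian pcap (magic 0x%08x)" % magic)
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError("unsupported link type %d" % linktype)
    off, records = 24, []
    while off + 16 <= len(data):
        _ts_sec, _ts_usec, incl_len, _orig_len = struct.unpack_from("<IIII", data, off)
        off += 16
        pkt = data[off:off + incl_len]
        if len(pkt) < incl_len:
            raise ValueError("truncated packet record at offset %d" % off)
        off += incl_len
        if len(pkt) < 14 + 20 or struct.unpack_from("!H", pkt, 12)[0] != ETHERTYPE_IPV4:
            continue                                  # not IPv4 (ARP, IPv6, ...)
        ip = pkt[14:]
        ihl = (ip[0] & 0x0F) * 4                      # header length incl. options
        proto = ip[9]
        src, dst = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])
        l4 = ip[ihl:]
        if proto in (6, 17) and len(l4) >= 4:
            sport, dport = struct.unpack_from("!HH", l4, 0)
            name = "TCP" if proto == 6 else "UDP"
        else:
            sport = dport = 0
            name = "proto%d" % proto
        records.append((src, dst, name, sport, dport))
    return records


def top_talkers(records: List[Record]) -> Dict[Tuple[str, str, int], int]:
    """Count packets per (src, dst, dport): the usual first triage view of a capture."""
    return dict(Counter((s, d, dp) for s, d, _p, _sp, dp in records))


# --- constructed sample capture (no real traffic) -------------------------
def build_frame(src: str, dst: str, proto: int, sport: int, dport: int, payload: bytes = b"") -> bytes:
    eth = b"\x00" * 12 + struct.pack("!H", ETHERTYPE_IPV4)   # zero MACs, IPv4 ethertype
    l4 = struct.pack("!HH", sport, dport) + payload
    # IPv4 header: ver/ihl, tos, total len, id, flags/frag, ttl, proto, checksum (left 0), src, dst
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip + l4


def build_pcap(frames: List[bytes]) -> bytes:
    header = struct.pack("<IHHiIII", PCAP_MAGIC_LE, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    body = b"".join(struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
                    for i, f in enumerate(frames))
    return header + body


def sample_capture() -> bytes:
    """Three constructed packets: two TLS-ish TCP/443 flows and one UDP/53 query."""
    return build_pcap([
        build_frame("10.0.0.5", "203.0.113.9", 6, 51000, 443, b"\x16\x03\x01"),
        build_frame("10.0.0.5", "203.0.113.9", 6, 51001, 443),
        build_frame("10.0.0.7", "192.0.2.10", 17, 5353, 53, b"\x00\x01"),
    ])


if __name__ == "__main__":
    recs = parse_pcap(sample_capture())
    for src, dst, proto, sport, dport in recs:          # tcpdump -nn style line
        print("%s %s.%d > %s.%d" % (proto, src, sport, dst, dport))
    for (src, dst, dport), n in top_talkers(recs).items():
        print("%4d  %s -> %s:%d" % (n, src, dst, dport))
```

A capture that was cut off mid-record (disk full, tool killed) shows up as a truncated-record error rather than a silently short packet list; tcpdump -r and Wireshark handle the same file with the same header and record layout, so the parser also doubles as a sanity check on a pcap handed over from another team.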
2
Q
Memory Acquisition tools
A
FTK Imager Lite - forensics tool for previewing recoverable data, capturing RAM and creating forensic images; a standalone executable that runs without installation (e.g. from a USB drive), keeping its footprint on the target system small.
Volatility - open-source memory analysis framework written in Python; its functionality comes from plugins (process lists, network connections, loaded modules, etc.). It analyses an image captured with another tool rather than acquiring one itself.
Memoryze - free Mandiant tool that acquires memory images and analyses them, either live or from a saved image.
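Two things a practitioner does with an image from any of the tools above: hash it immediately so later analysis can prove it is unchanged, and then let an analysis tool carve structures out of the raw bytes. The block below is an added example written in the style of a Volatility scanning plugin; it is not Volatility, FTK Imager or Memoryze code. The record layout it scans for ('Proc' tag, uint32 PID, 16-byte name) is a constructed simplification, as is the filler used to build the sample image: real Windows _EPROCESS layouts vary per build and Volatility resolves them from per-OS symbol tables.

```python
"""Toy memory-image triage in the style of a Volatility scanning plugin.
Added example, not Volatility or Memoryze code. Steps: hash the image so
later analysis can prove it is unchanged, then carve process-like records
by signature scanning. The record layout ('Proc' tag, uint32 PID, 16-byte
name) is a constructed simplification; real Windows _EPROCESS layouts vary
per build and Volatility resolves them from per-OS symbol tables."""
import hashlib
import struct
from typing import List, Tuple

TAG = b"Proc"
RECORD_FMT = "<4sI16s"                      # tag, little-endian pid, NUL-padded name
RECORD_SIZE = struct.calcsize(RECORD_FMT)   # 24 bytes
MAX_PID = 65535                             # sanity bound: rejects text that merely contains "Proc"


def sha256_image(image: bytes) -> str:
    """Hash the whole image; record the digest with the acquisition notes."""
    return hashlib.sha256(image).hexdigest()


def verify_image(image: bytes, expected_sha256: str) -> bool:
    """Re-hash before analysis (or when the evidence is challenged) and compare."""
    return sha256_image(image) == expected_sha256


def carve_processes(image: bytes) -> List[Tuple[int, int, str]]:
    """Return (offset, pid, name) for every plausible record, wherever it sits in the image.
    Signature scanning does not follow OS linked lists, so it also finds records that
    have been unlinked or left behind by exited processes."""
    found = []
    off = image.find(TAG)
    while off != -1:
        if off + RECORD_SIZE <= len(image):
            _tag, pid, raw_name = struct.unpack_from(RECORD_FMT, image, off)
            name = raw_name.split(b"\x00", 1)[0].decode("ascii", "replace")
            if 0 < pid <= MAX_PID and name and name.isprintable():
                found.append((off, pid, name))
        off = image.find(TAG, off + 1)
    return found


# --- constructed sample image (deterministic filler, no real memory) ----------
def _record(pid: int, name: str) -> bytes:
    return struct.pack(RECORD_FMT, TAG, pid, name.encode("ascii"))


def sample_image() -> bytes:
    filler = bytes(range(256)) * 4                 # 1024 bytes that never contain b"Proc"
    return (filler + _record(4, "System")          # record at offset 1024
            + filler + b"Processor"                # plain text containing the tag: false positive to reject
            + filler + _record(1337, "evil.exe")   # record at offset 3105
            + filler)


if __name__ == "__main__":
    img = sample_image()
    digest = sha256_image(img)
    print("sha256", digest, "verified:", verify_image(img, digest))
    for off, pid, name in carve_processes(img):
        print("0x%08x  pid=%-5d  %s" % (off, pid, name))
```

The "Processor" string shows why scanners need plausibility checks on the fields after the tag: the tag alone matches ordinary text, and the PID bound throws that hit away. The hash check is the part worth doing before anything else, because a Volatility or Memoryze run on an image you cannot prove is intact is hard to defend later.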