About
Hubs

Tag "sleuthkit" – 1 item

Items

Sort by: Date tagged Date published

Incident Response with NTFS INDX Buffers – Part 1: Extracting an INDX Attribute

http://www.fireeye.com/blog/threat-research/2012/09/striking-gold-incident-response-ntfs-indx-buffers-part-1.html

T02 FireEye Threat Research 09/18/2012

william toolkit sleuthkit ntfs indx ftk forensics forensic encase buffers ballenthin