ProDiscover IR v5.5

摘要

A previous favorite returns once again in the over-the-network forensics category. Technology Pathways ProDiscover Incident Response (IR) v5.5 offersrna clean interface and a strong forensics feature set. The product has all the traditional forensicrncapabilities, but it really shines when those features are carried out over-the-network. Additionally, the tool's integrated ProScript functionality allows investigators to quickly initiate common tasks, as well as not so common tasks, easily and efficiently.rnPushing out the tool's remote agent makes deployment as simple as possible. Additionally, this agent can be set to run in stealth mode in order to avoid tipping anybody off. Once deployed, the agent allows for the collection and analysis of numerous types of data. Of course, a full image of the target can be acquired as well. It is also worth noting that the live analysis now supports capturing RAM in Windows Vista and Server 2008. Another addition we like is the ability to search via pattern matching wildcards.