Re: Nigilant32 - Free Windows Incident Response Tool based on Sleuthkit

Subject: Re: Nigilant32 - Free Windows Incident Response Tool based on Sleuthkit - Final Article Released
Date: Wed, 12 Jul 2006 16:46:19 -0400

Hello list,

Are there any other products out on the market with similar
functionality, specifically "capture as much information as possible
from a running system with the smallest potential impact"? Anything
else open-source with available code?

Thanks!

On 7 Jul 2006 14:59:03 -0000, mshannon@agilerm.net <mshannon@agilerm.net> wrote:
To all-


Agile Risk Management is committed to advancing information security concepts, technology, and techniques. As such, we have recently released Nigilant32, a freeware Windows GUI Incident Response tool based on the source code provided by Sleuthkit.


Nigilant32 is an incident response tool designed to capture as much information as possible from a running system with the smallest potential impact. Nigilant32 has been developed with Windows 2000, XP, and 2003 in mind, and should work fine with computers running one of those operating systems. Nigilant32 is beta software and may not work in all instances.


The third article in our series of "Nigilant32 For First Responders" articles is "Active Memory Imaging". This article covers using Nigilant32 to image the active physical memory (RAM) of the suspect workstation or server to secure portable media. Make sure you download the article, as the last pages contain a sneak preview of the current project being developed in the Agile Research Lab.


We sincerely hope you find Nigilant32 useful; however, please remember, it is beta software, therefore you should exercise good judgment when using it in your IT environment.


Nigilant32, articles (as they are released), and modified Sleuthkit source code (libsleuthkit) are available at http://www.agilerm.net/publications_4.html


Warmest Regards,

Matthew M Shannon, CIFI, CISSP
Principal - Computer Forensics and Litigation Support
Agile Risk Management LLC
2202 N Westshore Blvd, Suite 200
Tampa, FL 33607
(M) 813.732.5076
(O) 1.877.AGILE13 (877.244.5313)
www.agileriskmanagement.com