Are there any tools that can collection in EO1 or Forensic 7zip that doesn't require hardware or installed software?
Passmark's OSForensics can perform remote forensic imaging without the need to install any software locally or remotely.
Hi, you can also use FEX Imager and GetData Network Agent. The agent is a single executable. https://youtu.be/spUQre_9xUk
@panamabay12 the network agent is a single executable, you can try executing it remotely with MS Sysinternal's tools if you have necessary rights.
You can serve a disk or filesystem to a remote client with my DMSERVER tool. For example, to publish on port 8080:
DMSERVER /PORT:8080 \\.\PhysicalDrive3
You can image a remote target to E01 using the DMIMAGE tool. For example, with the previous example:
DMIMAGE /CREATE:example.e01 http://targetpc:8080
Â
The software is a work-in-progress. It is available free-of-charge to bona fide forensic practitioners and researchers. If this is you, please drop me a message.
Jim
www.forensicinternals.com