I am curious what software everyone has on the laptop in their go kit? Also, what software do you have installed?
Tom
I am trying to get a sense of what others have set up. That way I know I am on the correct track. People help.
Best,
Tom
It's kind of a vague question you've asked. What is the intended purpose of your laptop?
I carry a MacBook Pro. But are you concerned with IR software, standard business software, or forensic software? My MBP is built to use both OSX and Windows with lots of tools on both. I could list all of the stuff installed but it's a big list. Though knowing your intended use could tailor my list a bit.
Thanks for the response Dave. It is intended for IR, field cell phone and traditional forensics, when things need to be done in the field.
Would you mind emailing me your lists? Tom@gentekk-research.org
Best
Tom
- A Wiebetech Combodock
- X-Ways Forensics (latest version)
- A good text editor like Edit Pad Pro or Ultraedit
- Some of my own tools
- A mobile Internet connection
Thank you Eric
I carry a Cellebrite UFED Ultimate, Tableau Ultrablocks, several external HDDs, Paladin 4 Boot disks, portable external internet connection, and a MacBook Pro as main pieces of equipment in my vehicle.
On the PC side
Software Writeblock (I use ACES-LE, but DSI and Fastbloc are also popular)
FTK Imager
FTK Imager Lite to put on external media for collections
Registry Viewer
PRTK
FTK v4 (rarely used in field)
EnCase v6 (Used a lot in field for triage)
Magnet Forensics IEF Triage
NetAnalysis
HstEx
Passware Forensic
osTriage (Thanks Erik!)
Triage-IR
SnagIt
Camtasia
NetScan
Wireshark
F-Response
VMware Workstation
Paragon HFS for Windows
Volatility
MFTDump
MS Office Suite
Cellebrite Report Manager
Cellebrite Physical Analyzer
SQLite Manager
On the Mac side
BlackBagTech Softblock
Macports
DCFLDD
Parallels
VMware Fusion
MacQuisition
Katana Forensics Lantern
Lantern Lite Imager
BlackBagTech BlackLight
John the Ripper
DaveGrohl
FileJuicer
Emailchemy
Wireshark
Kismet
FSEventer
XCode
SynalyzeIt Pro
Pages, Numbers, Keynote
MesaSQLite
Crowbar DMG
Crowbar KC
Paragon NTFS
There are many others for both sides. This is a complicated listing of tools and I am working to get it condensed. We are looking to pick up iLook and X-Ways at the fiscal year. This should help some with field work.
Why are you looking at iLook? I checked into it a bit but it was stupid expensive and the sales people wouldn't provide straight answers.
How are osTriage and Crowbar?