Difference between revisions of "Mac-robber"

From SleuthKitWiki
Jump to: navigation, search
(created page.)
 
Line 3: Line 3:
 
Unlike the [[TSK]] tools, mac-robber relies on the OS to gather information about a mounted file system.  This makes it more vulnerable to rootkits, but it allows an investigator to collect data on file systems that are not supported by TSK.  
 
Unlike the [[TSK]] tools, mac-robber relies on the OS to gather information about a mounted file system.  This makes it more vulnerable to rootkits, but it allows an investigator to collect data on file systems that are not supported by TSK.  
  
[http://www.sleuthkit.org/mac-robber/ http://www.sleuthkit.org/mac-robber/]
+
* [http://www.sleuthkit.org/mac-robber/ http://www.sleuthkit.org/mac-robber/]
 +
* [http://www.pokerworld88.com/ Poker Online]
 +
* [http://www.musimdomino.com/ Domino Online]
 +
* [http://www.texaspoker83.com/ Texas Poker]
 +
* [http://www.specialispoker.com/ Poker Online]
 +
* [http://www.mejapoker88.com/ Poker Indonesia]
 +
* [http://www.dinastipoker.com Agen Domino99]

Revision as of 19:03, 12 November 2015

mac-robber is an open source tool that can be used to collect time information from a live computer. The output of this tool can be used to make a timeline of file activity.

Unlike the TSK tools, mac-robber relies on the OS to gather information about a mounted file system. This makes it more vulnerable to rootkits, but it allows an investigator to collect data on file systems that are not supported by TSK.