Difference between revisions of "Mac-robber"
From SleuthKitWiki
Apriestman (Talk | contribs) |
Jacintheford (Talk | contribs) |
||
Line 3: | Line 3: | ||
Unlike the [[TSK]] tools, mac-robber relies on the OS to gather information about a mounted file system. This makes it more vulnerable to rootkits, but it allows an investigator to collect data on file systems that are not supported by TSK. | Unlike the [[TSK]] tools, mac-robber relies on the OS to gather information about a mounted file system. This makes it more vulnerable to rootkits, but it allows an investigator to collect data on file systems that are not supported by TSK. | ||
− | [http://www.sleuthkit.org/mac-robber/ http://www.sleuthkit.org/mac-robber/] | + | * [http://www.sleuthkit.org/mac-robber/ http://www.sleuthkit.org/mac-robber/] |
+ | * [http://www.pokerworld88.com/ Poker Online] | ||
+ | * [http://www.musimdomino.com/ Domino Online] | ||
+ | * [http://www.texaspoker83.com/ Texas Poker] | ||
+ | * [http://www.specialispoker.com/ Poker Online] | ||
+ | * [http://www.mejapoker88.com/ Poker Indonesia] | ||
+ | * [http://www.dinastipoker.com Agen Domino99] |
Revision as of 02:45, 18 May 2016
mac-robber is an open source tool that can be used to collect time information from a live computer. The output of this tool can be used to make a timeline of file activity.
Unlike the TSK tools, mac-robber relies on the OS to gather information about a mounted file system. This makes it more vulnerable to rootkits, but it allows an investigator to collect data on file systems that are not supported by TSK.