Difference between revisions of "Mac-robber"

From SleuthKitWiki
Jump to: navigation, search
m (Reverted edits by Burgman (talk) to last revision by Carrier)
Line 3: Line 3:
 
Unlike the [[TSK]] tools, mac-robber relies on the OS to gather information about a mounted file system.  This makes it more vulnerable to rootkits, but it allows an investigator to collect data on file systems that are not supported by TSK.  
 
Unlike the [[TSK]] tools, mac-robber relies on the OS to gather information about a mounted file system.  This makes it more vulnerable to rootkits, but it allows an investigator to collect data on file systems that are not supported by TSK.  
  
* [http://www.sleuthkit.org/mac-robber/ http://www.sleuthkit.org/mac-robber/]
+
[http://www.sleuthkit.org/mac-robber/ http://www.sleuthkit.org/mac-robber/]
* [http://www.pokerworld88.com/ Poker Online]
+
* [http://www.musimdomino.com/ Domino Online]
+
* [http://www.texaspoker83.com/ Texas Poker]
+
* [http://www.specialispoker.com/ Poker Online]
+
* [http://www.mejapoker88.com/ Poker Indonesia]
+
* [http://www.dinastipoker.com Agen Domino99]
+

Revision as of 10:38, 13 November 2015

mac-robber is an open source tool that can be used to collect time information from a live computer. The output of this tool can be used to make a timeline of file activity.

Unlike the TSK tools, mac-robber relies on the OS to gather information about a mounted file system. This makes it more vulnerable to rootkits, but it allows an investigator to collect data on file systems that are not supported by TSK.

http://www.sleuthkit.org/mac-robber/

Retrieved from "https://wiki.sleuthkit.org/index.php?title=Mac-robber&oldid=19408"