• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Beginner looking for tool advice

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Computer Forensics and Incident Response

View previous topic :: View next topic  
Author Message
BullyBoy
Just Arrived
Just Arrived


Joined: 07 Sep 2008
Posts: 0


Offline

PostPosted: Sun Sep 07, 2008 3:08 pm    Post subject: Beginner looking for tool advice Reply with quote

Hi all,

I hope this is the correct forum for this...

I am a pentester by trade, but have been asked to do a forensics-like job. The job involves determining whether a specific application leaves any sensitive data behind on a laptop after use. The application is basically a Citrix-like application, which uses a VPN to communicate back to a restricted and sensitive network.

I am assuming the types of tools I would be looking for include the following:
- a tool that snapshots the harddrive before and after use of the application, so that I can look at the "diff"/difference/delta for anything sensitive,
- a tool that does the same as above, but for memory, and/or
- a tool that monitors and records all writes to the harddrive and memory for a specific application, so that I can investigate later.

Are there specific tool suggestions that do the above? Are there any other suggestions for how I might approach this job?

Some more info:
- I have one Windows XP laptop and one Windows Vista laptop that will be provided for the job with the application installed. I have other Windows based laptops if needed.
- I would much prefer freely downloadable tools, as this job doesn't pay that much and I don't want to spend money for a tool that I may only use once. I may consider purchasing a tool though.

Any help greatly appreciated!
BullyBoy.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Computer Forensics and Incident Response All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register