Menu
  • Home
  • Radar Console
    • About the Radar
    • Go to Radar Console
    • Vulnerability Details
    • Overall Alerts
  • The Product Directory
    • About the Product Directory
  • CND Community
    • Contact Us
    • Blog
    • Packet Headers
    • Other Charts
    • Security Cartoons
  • Home
  • Radar Console
    • About the Radar
    • Go to Radar Console
    • Vulnerability Details
    • Overall Alerts
  • The Product Directory
    • About the Product Directory
  • CND Community
    • Contact Us
    • Blog
    • Packet Headers
    • Other Charts
    • Security Cartoons

mac-robber

mac-robber is a digital investigation tool that collects data from allocated files in a mounted file system. This is useful during incident response when analyzing a live system or when analyzing a dead system in a lab. The data can be used by the mactime tool in The Sleuth Kit to make a timeline of file activity. The mac-robber tool is based on the grave-robber tool from TCT and is written in C instead of Perl. mac-robber requires that the file system be mounted by the operating system, unlike the tools in The Sleuth Kit that process the file system themselves. Therefore, mac-robber will not collect data from deleted files or files that have been hidden by rootkits. mac-robber will also modify the Access times on directories that are mounted with write permissions. What is mac-robber good for then, you ask? mac-robber is useful when dealing with a file system that is not supported by The Sleuth Kit or other file system analysis tools. mac-robber is very basic C and should compile on any UNIX system. Therefore, you can run mac-robber on an obscure, suspect UNIX file system that has been mounted read-only on a trusted system. I have also used mac-robber during investigations of common UNIX systems such as AIX.
Rating
0 vote
Favoured:
0

Listing Details

Vendor
Brian Carrier
Website
Visit the Product Site
Pricing Model
FREEWARE
Modified
2006-06-07
Owner
michelemjordan
Add'l Info
*nix
Created
2006-06-07
RecommendReport
  • Web Application FW +
  • Cloud Security Services
  • Static Code Analysis
  • Boundary Guards +
  • Network Anomoly Detection +
  • Scanning Products +
  • Network Access Control
  • Server Security Products +
  • Endpoint Security +
  • Forensic Solutions +
    • - Anti Forensic Tools
    • - Forensic Toolkits
    • - Forensic Tools
    • - Network Forensic Tools
    • - Remote Forensics
    • - Porotocol Analyzers
  • Malware Protection +
  • Patch Management +
  • Reputational Intelligence
  • Insider Threat Solutions
  • Phishing Assessment
  • Virtualisation Security
  • SIEM
  • Vulnerability Alert Services
  • Security Training +
  • Security Conferences
  • Password Managers
  • TSCM Bug Sweeping +
  • Geeky Gadgets
  • Visio Stencils
  • Uncategorised

CND Services - Assessing Your Security

  • Risk Assessment
  • Cyber Profile Assessment
  • Cyber Essentials
  • Vulnerability Assessment
  • Web App Scanning
  • Penetration Testing
  • Red Teaming
  • Phishing Assessment
  • Security Compliance
  • Firewall Audit
  • Forensic Readiness
  • vCISO
  • Aviation vCRSM
  • Maritime vCySO

CND Services - Preventing an Attack

  • Superyacht Cyber
  • Secure Cloud Configuration
  • Security Architecture
  • IDS & IPS
  • Blockchain Security
  • Data Loss Prevention
  • System Security Hardening
  • Insider Threat Prevention
  • Cisco Advanced Security
  • Vulnerability Management

CND Services - Detecting an Attack

  • Splunk Services
  • SIEM
  • XDR
  • MDR
  • EDR
  • Building a SOC
  • SOC Maturity
  • Staffing a SOC
  • Cloud Security Monitoring
  • Insider Threat Detection
  • GPG13 Protective Monitoring
  • Cyber Threat Intelligence
  • Branded Radar Console

CND Services - Responding to Incidents

  • Breach Triage
  • Incident Response
  • Incident Support
  • Breach Impact
  • Root Cause Analysis
  • Breach Remediation
  • Risk Assessment
  • Forensic Readiness
  • IR Planning

CND Services - Managed Security

  • Managed SOC
  • Managed Cyber Education
  • Managed Phishing Assessments
  • vCISO
  • Vulnerability Assessments
  • Vulnerability Management
  • XDR
  • MDR
  • EDR
  • Managed SIEM

CND Services - Superyacht Services

  • Complete IMO Cyber
  • Superyacht Intelligence
  • Cyber Assessment
  • Cyber Plan & Policies
  • Cyber Monitoring
  • Cyber Officer CySO
  • Maritime Blog

CND Services - Recruitment

   

© Computer Network Defence Limited 2023

Privacy Notice
Terms & Conditions
Send us a Message