'Forensic Toolkit', and 'Vision'

Dennis Faas's picture

Forensic Toolkit

The Forensic ToolKit contains several Win32 command line tools that can help you examine the files on an NTFS disk partition for unauthorized activity. This open source tool includes AFind, which lists files by their last access time without tampering with the data the way that right-clicking on file properties in Explorer will.



Vision, a host-based Forensic Utility, is the GUI successor to the well-known freeware tool, Fport. This innovative new product from Foundstone shows all of the open TCP and UDP ports on a machine, displays the service that is active on each port, and maps the ports to their respective applications. This is especially handy if you suspect your system may be infected with spyware and is attempting to "call home."


Today's fresh software picks were provided courtesy of Bob Helmer at Shell Extension City. Please note that the software descriptions below are provided solely by the developer and come without any guarantee or warranty. You are encouraged to review the Shell Extension Software Policy for more details.
