From 86e28d161211c1ba5d5637f5f4fb23563a545d64 Mon Sep 17 00:00:00 2001 From: Meir Wahnon Date: Wed, 24 Feb 2016 22:25:14 +0200 Subject: [PATCH] adding Cold Disk Quick Response tool --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index d12c832..06f6d79 100644 --- a/README.md +++ b/README.md @@ -78,6 +78,7 @@ A curated list of tools and resources for security incident response, aimed to h ### Evidence Collection * [Live Response Collection](https://www.brimorlabs.com/tools/) - The Live Response collection by BriMor Labs is an automated tool that collects volatile data from Windows, OSX, and *nix based operating systems * [bulk_extractor](https://github.com/simsong/bulk_extractor) - bulk_extractor is a computer forensics tool that scans a disk image, a file, or a directory of files and extracts useful information without parsing the file system or file system structures. Because of ignoring the file system structure, the program distinguishes itself in terms of speed and thoroughness +* [Cold Disk Quick Response](https://github.com/rough007/CDQR) - uses a streamlined list of parsers to quickly analyze a forenisic image file (dd, E01, .vmdk, etc) and output nine reports ### Windows Evidence Collection * [FECT](https://github.com/jipegit/FECT) - Fast Evidence Collector Toolkit (FECT) is a light incident response toolkit to collect evidences on a suspicious Windows computer. Basically it is intended to be used by non-tech savvy people working with a journeyman Incident Handler
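Review bot: The added README.md line misspells "forensic" as "forenisic"; fix the spelling before merge. The description also opens with a lowercase verb ("uses a streamlined list of parsers") while the two entries above it in this hunk open with the tool's name as a full sentence, so start it with "Cold Disk Quick Response (CDQR) uses" to match. The entry sits under "Evidence Collection", yet the text describes analyzing an image file that has already been acquired (dd, E01, .vmdk), so check that this is the section you intend. "Output nine reports" gives a reader nothing to judge the tool by; name what the reports cover or drop the count.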