Posted: Sun Sep 07, 2008 3:08 pm Post subject: Beginner looking for tool advice
I hope this is the correct forum for this...
I am a pentester by trade, but have been asked to do a forensics-like job. The job involves determining whether a specific application leaves any sensitive data behind on a laptop after use. The application is basically a Citrix-like application, which uses a VPN to communicate back to a restricted and sensitive network.
I am assuming the types of tools I would be looking for include the following:
- a tool that snapshots the harddrive before and after use of the application, so that I can look at the "diff"/difference/delta for anything sensitive,
- a tool that does the same as above, but for memory, and/or
- a tool that monitors and records all writes to the harddrive and memory for a specific application, so that I can investigate later.
Are there specific tool suggestions that do the above? Are there any other suggestions for how I might approach this job?
Some more info:
- I have one Windows XP laptop and one Windows Vista laptop that will be provided for the job with the application installed. I have other Windows based laptops if needed.
- I would much prefer freely downloadable tools, as this job doesn't pay that much and I don't want to spend money for a tool that I may only use once. I may consider purchasing a tool though.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum