This page shows the differences between the selected revision and the current version of the page.
les_pre-requis_forensic [2017/04/09 15:33] 127.0.0.1 external edit |
les_pre-requis_forensic [2022/04/10 00:31] (current version) Vixepti |
||
---|---|---|---|
Ligne 4: | Ligne 4: | ||
- Processus de boot [[http://www.thegeekstuff.com/2011/02/linux-boot-process/|lien1]] | - Processus de boot [[http://www.thegeekstuff.com/2011/02/linux-boot-process/|lien1]] | ||
- MBR [[http://en.wikipedia.org/wiki/Master_boot_record|lien1]] [[http://doc.ubuntu-fr.org/mbr|lien2]] | - MBR [[http://en.wikipedia.org/wiki/Master_boot_record|lien1]] [[http://doc.ubuntu-fr.org/mbr|lien2]] | ||
- | - Live memory [[http://resources.infosecinstitute.com/memory-forensics-and-analysis-using-volatility/|lien1]] [[http://www.lestutosdenico.com/tutos-de-nico/forensique-analyse-memoire-volatility|lien2]] | + | - Live memory [[http://resources.infosecinstitute.com/memory-forensics-and-analysis-using-volatility/|lien1]] [[https://web.archive.org/web/20200117183302/http://www.lestutosdenico.com/tutos-de-nico/forensique-analyse-memoire-volatility|lien2]] |
- Analyse de logs [[http://www.securinets.com/sites/default/files/tuto_pdf/Analyse%20des%20LOG%20des%20FW.pdf|lien1]] | - Analyse de logs [[http://www.securinets.com/sites/default/files/tuto_pdf/Analyse%20des%20LOG%20des%20FW.pdf|lien1]] | ||
======Windows ====== | ======Windows ====== | ||
- | - Windows file systems (FAT, NTFS) [[http://www.priscilla.com/Courses/ComputerForensics/pdfslides/FileSystemForensics.pdf|lien1]] [[http://www.dfsee.com/present/fsystems/fsystems.pdf|lien2]] | + | - Windows file systems (FAT, NTFS) [[https://www.priscilla.com/wp-content/uploads/2021/08/FileSystemForensics.pdf|lien1]] [[https://www.dfsee.com/present/fsystems.pdf|lien2]] |
- Registres [[http://support.microsoft.com/kb/256986|lien1]] | - Registres [[http://support.microsoft.com/kb/256986|lien1]] | ||
======Linux ====== | ======Linux ====== | ||
- | - Linux file systems (ext2/3) [[http://www.nongnu.org/ext2-doc/ext2.html|lien1]] [[http://perl.plover.com/yak/ext2fs/|lien2]] [[http://www.dfsee.com/present/fsystems/fsystems.pdf|lien3]] | + | - Linux file systems (ext2/3) [[http://www.nongnu.org/ext2-doc/ext2.html|lien1]] [[http://perl.plover.com/yak/ext2fs/|lien2]] [[https://www.dfsee.com/present/fsystems.pdf|lien3]] |
======Mac ====== | ======Mac ====== | ||
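Review bot: The entries left unchanged in this hunk (Processus de boot, MBR, Analyse de logs, Registres, the first Live memory link and the two ext2 links) still use plain http:// URLs, while the three edited lines move to https:// or to a web.archive.org snapshot. Please check those remaining links in the same pass and switch each to https, or to an archived copy where the original is gone, so the list does not mix verified and unverified references. The lien1/lien2/lien3 labels also say nothing about the target; a short title per link would make a dead or replaced link easier to spot later.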
Ligne 34: | Ligne 34: | ||
- TSK + Autopsy | - TSK + Autopsy | ||
- Volatility | - Volatility | ||
+ | - Rekall Memory Forensic Framework | ||
- Memoryze | - Memoryze | ||
- Liste -> [[http://forensiccontrol.com/resources/free-software/|http://forensiccontrol.com/resources/free-software/]] | - Liste -> [[http://forensiccontrol.com/resources/free-software/|http://forensiccontrol.com/resources/free-software/]] |
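Review bot: The added "Rekall Memory Forensic Framework" entry is spelled out in full while its neighbours (Volatility, Memoryze) use the short tool name, and like them it carries no link. Suggest naming it "Rekall" for consistency and adding a [[url|label]] link to its project page or documentation, since the Liste line below shows the list does accept links. The forensiccontrol.com link on that last line is still http:// and could be updated along with the URLs fixed in the first hunk.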