Tag Archives: Incident Response

USBDeview – Lists Connected USB Devices

USBDeview is a small utility that lists all USB devices that currently connected to your computer, as well as all USB devices that you previously used.

ShadowExplorer – Tool to Browse Shadow Copies

ShadowExplorer allows you to browse the Shadow Copies created by the Windows Vista / 7 / 8 / 10 Volume Shadow Copy Service.

Eraser – Tool to Wipe Sensitive Data

During the incident response and analyzing artifact in memory the responder will copy the data to external hard drive and this may include sensitive information that will be processed during the work. before starting to use external hard drive it

UserAssistView – Display UserAssist Items

One of the programs that will be helpful in the incident response from Nirsoft is UserAssistView.

DSi USB Write Blocker

DSi USB Write Blocker Utility will help into converting the USB stick into read only mode so no change or modification is allowed which comes at the end when all information requirement collected.

CrowdResponse – Forensics Data Collection Tool

CrowdResponse is an automated tool that will allow you to gather system information for incident response and security engagements.The tool may cover windows based operating system or MAC OSX.

LastActivityView – Tool to Review Operating System Activity

LastActivityView is a tool for Windows operating system that collects information from various sources on a running system, and displays a log of actions made by the user and events occurred on this computer.