Tag Archives: Windows Forensics

Panorama – Fast Incident Overview

Panorama was made to generate a wide report about Windows systems; it is supported and tested on Windows XP SP2 and up.

AlternateStreamView – Tool to Investigate ADS File System

AlternateStreamView is a small utility that allows you to scan your NTFS drive, and find all hidden alternate streams stored in the file system.

CurrProcess – Tool to Display Currently Running Processes

The CurrProcess utility is another NirSoft product that you can use as part of your incident response toolkit.