ir-rescue – A Windows Batch Script To Comprehensively Collect Host Forensic Data
ir-rescue is a lightweight Windows Batch script that collects a myriad of forensic data from 32-bit and 64-bit Windows systems while respecting the order of volatility and artifacts that are changed with the execution of the script ( e.g. , prefetch files). It is intended for incident response use at different stages in the analysis […]