Thursday, 1 May 2008

NEWS update on COFEE

its not back doors its just standard stuff (ie helix) but put on a USB thumb drive and has some extra GUI and easier to use for your average plod

"As a follow up, the COFEE tool is undergoing some final revisions and is due to be released to LE via the MS LE Portal in the near future. Local media are reporting that it may be distributed as early as Friday. You can access the presentation covering the tool on the portal. It is designed to provide forensic response on live systems, and they will be adding the capability in the near future to get a DD-type ram dump on Vista systems also. Another note of interest, MS is developing "Windows Forensic Environment" (Windows FE), which will be comparable to Helix, allowing
forensic analysis off of a read-only bootable CD... No clear word yet on its release, but it will also appear on the portal. "(the press release i got at work this afternoon)

if you like this idea you can try something similar here
there a few usb forensics kits (all free)

Labels: , , ,


Post a Comment

<< Home