How to Gather Windows Volatile Data using Scripts: Information Gathering Tool
The Cyber Monk
Collecting volatile data is the first thing every forensic investigator does on a device that is the victim of a cybercrime. But collecting volatile data item by item is a time-consuming process, and in such cases time may be limited by circumstances. So we created a Python script that collects volatile data from the system with a single click. It does not need to be run from an IDE or from the system itself. The script is easy to use, and users can change the code according to their requirements.
Steps To Run Script
1. Download the code from GitHub, then extract it to a pen drive or memory card.
2. Double-click Forensics.py if the system has Python installed on it; otherwise click Forensics.bat.
3. The script will create multiple text files with the information you require for the investigation.

This tool creates multiple text files containing volatile information, which later gives investigators some extra time to investigate. The list of information it will extract is as follows:

- System time and date
- User running on the system and details of all users
- Data on the clipboard and Command Prompt history
- Information about the system
- Routing table, network details, network statistics
- Tasks running in the background, with their services
- Shared files on the system and workstation details
- DNS details

We will add other features with future updates on GitHub. If the system does not have Python installed, you can use the batch script.

You can get this code on GitHub: Windows Forensic Tool
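To show what such a collection pass looks like, here is an added example (not the Windows Forensic Tool's own code) that runs built-in Windows commands, saves each raw output to its own text file, and records a SHA-256 manifest so the files can be verified later. The mapping of artifacts to commands, the file names and the `collect` function are assumptions; clipboard and Command Prompt history are left out.

```python
import hashlib
import json
import socket
import subprocess
from datetime import datetime, timezone
from pathlib import Path

# Assumed mapping of the artifacts listed above to built-in Windows commands.
WINDOWS_COMMANDS = {
    "system_time": ["cmd", "/c", "date /t & time /t"],
    "current_user": ["whoami", "/all"],
    "all_users": ["net", "user"],
    "system_info": ["systeminfo"],
    "routing_table": ["route", "print"],
    "network_details": ["ipconfig", "/all"],
    "network_statistics": ["netstat", "-ano"],
    "tasks_and_services": ["tasklist", "/svc"],
    "shares": ["net", "share"],
    "workstation": ["net", "config", "workstation"],
    "dns_cache": ["ipconfig", "/displaydns"],
}


def collect(commands, out_dir, timeout=120):
    """Run each command, save raw output to <name>.txt, return a hash manifest."""
    out = Path(out_dir)
    out.mkdir(parents=True, exist_ok=True)
    manifest = []
    for name, argv in commands.items():
        started = datetime.now(timezone.utc).isoformat()
        try:
            proc = subprocess.run(argv, capture_output=True, timeout=timeout)
            data, exit_code = proc.stdout + proc.stderr, proc.returncode
        except (OSError, subprocess.TimeoutExpired) as exc:
            # Record the failure instead of aborting the remaining collection.
            data, exit_code = f"collection failed: {exc}".encode(), None
        (out / f"{name}.txt").write_bytes(data)
        manifest.append({"artifact": name, "command": argv, "utc_start": started,
                         "exit_code": exit_code,
                         "sha256": hashlib.sha256(data).hexdigest()})
    (out / "manifest.json").write_text(json.dumps(manifest, indent=2))
    return manifest


if __name__ == "__main__":
    # Write next to the script (the pen drive), not onto the examined disk.
    stamp = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ")
    case_dir = Path(__file__).resolve().parent / f"{socket.gethostname()}_{stamp}"
    for entry in collect(WINDOWS_COMMANDS, case_dir):
        print(entry["sha256"], entry["artifact"], entry["exit_code"])
```

Output is stored as raw bytes because Windows console tools emit the OEM code page, and decoding at collection time would alter the evidence.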