•  

Computer Forensic Triage Using Manta Ray

A session at 4th Annual Open Source Digital Forensics Conference & Workshops

  • Doug Koster
  • Kevin Murphy

Tuesday 5th November, 2013

3:00pm to 3:35pm (EST)

Manta Ray builds off of our efforts with TAPEWORM. MantaRay is a suite of python scripts that perform the same triage steps we introduced in TAPEWORM including (Log2timeline, Volatility, ExifTool, RegRipper, Bulk_Extractor). Manta Ray will contain additional functionality including; script to extract all registry hives from disk image (overt, deleted, unallocated, shadow volumes) and then extract useful information from all hives and present this information to users in a single report, as well as a RegRipper like script that extracts information from .plist files.

Manta Ray will be integrated into the upcoming SIFT 3.0 release, thus making it easily accessible to any examiners that download the SIFT. The goal of this workshop is to demonstrate how the tool works as well as walking the users through how to interpret the tools output. Figuring out what to do with the data extracted by Manta Ray is where the true value of the tool becomes apparent, especially when all of the data is viewed in aggregate.

About the speakers

This person is speaking at this event.
Doug Koster
This person is speaking at this event.
Kevin Murphy

Sign in to add slides, notes or videos to this session

Tell your friends!

When

Time 3:00pm3:35pm EST

Date Tue 5th November 2013

Short URL

lanyrd.com/scrqyf

Official event site

www.basistechweek.com/osdf.html

View the schedule

Share

See something wrong?

Report an issue with this session