Showing posts from January, 2012



toolsmith: ZeroAccess analysis with OSForensics

Prerequisites Windows
Happy New Year: “A New Year's resolution is something that goes in one year and out the other.” - Author Unknown

Introduction December is the time of year when I post the Toolsmith Tool of the Year survey for reader’s to vote on their favorite tool of the given year. Please do take a moment to vote. What’s nice is that I often receive inquiries from tool developers who would like consideration for coverage in toolsmith. David Wren, Managing Director, of PassMark Software caught me at just the right moment as I was topic hunting for this month’s column. PassMark, out of Sydney, Australia, has been known for benchmark and diagnostic tools but has recently dipped its tow in the digital forensics pool with OSForensics. I give PassMark props for snappy marketing. OSForensics, “Digital Investigation for a new era” coupled with the triumvirate of Discover, Identify, and Manage makes for a good pitch, but as always we need tools that do as they do, not as they say. So…