Appendix A

Third-party Windows CLI Tools

Abstract

This appendix provides a list of commonly used third-party Windows Command Line interface (CLI) tools that can be utilized to gather critical evidence during an investigation. This list provides the tool’s name, developer, genre, type of license, platform, vendor web site, and short description of the tool’s capabilities.

Keywords

Third party; Windows; Command line; Tools; Forensics; Evidence; Autorunsc; Handle; IOC Finder; ListDLLs; LogonSessions; Memoryze; Microsoft File Checksum Integrity Verifier; Port Reporter; ProcDump; PsExec; PsFile; PsInfo; PsKill; PsList; PsLoggedOn; PsLogList; PsService; TCPView; CurrPorts; USBDeview; OpenedFilesView; IEHistoryView; IECacheView; IECookiesView; ...

Get Executing Windows Command Line Investigations now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Executing Windows Command Line Investigations by Chet Hosmer, Joshua Bartolomie, Rosanne Pelli

Third-party Windows CLI Tools

Abstract

Keywords

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly