Sometimes IT is called in to get information after someone has broken a policy or committed a crime with a computer.  It is always important to have a good forensics tool available to you.  Plainsight might be the right tool for the job.

From the website:

PlainSight is a versatile computer forensics environment that allows inexperienced forensic practitioners perform common tasks using powerful open source tools.

We have taken the best open source forensic/security tools, customised them, and combined them with an intuitive user interface to create an incredibly powerful forensic environment.

With PlainSight you can perform operations such as:

  • Get hard disk and partition information
  • Extract user and group information
  • View Internet histories
  • Examine Windows firewall configuration
  • Discover recent documents
  • Recover/Carve over 15 different file types
  • Discover USB storage information
  • Examine physical memory dumps
  • Examine UserAssist information
  • Extract LanMan password hashes
  • Preview a system before acquiring it

You can see PlainSight in action in the demo section. However we think that the best way to learn about it is to download the PlainSight iso from the downloads section and boot a computer with it.

Something to add to your tech arsenal.

Similar Posts:

If you found this post useful, why don't you buy me a cup of coffee to show your gratitude?

Trackback link - http://www.dailycupoftech.com/2009/03/26/awesome-find-21-plainsight/trackback/
Tim Fehlman