things i should not forget, and that, eventually, could interest people

Archive for November 2009

RVT v0.2.1 published


First of all, sorry for the lack of news and updates lately, but RVT is developed in the free and spare time of the members of the team, and I have not had a lot of that in the last few months.

RVT v0.2.1 includes new features and some small improvements:

  • LNK file parsing
  • Harlan Carvey, author of the well-known Windows Incident Response blog, has kindly provided us with brilliant Perl code to parse Windows event files (EVT extension). Thus RVT now integrates the script ‘evt’, which can output text versions of the EVT files (script evt generate); it can also generate some stats about each EVT (script evt report). We would like to sincerely thank Harlan for his support and his useful code.
  • f-strings: a forensic version of the Binutils strings command
  • extended shell history
  • and all the little changes and corrections published on this blog since v0.2
  • updated User Guide

Read The Revealer Toolkit website for more information.




Written by dervitx

14 November 2009 at 23:37