things i should not forget, and that, eventually, could interest people

RVT v0.2.1 published

First of all, sorry for the lack of news and updates lately, but RVT is developed with the free and spare time of the members of the team, and I have not had a lot of that in the last months.

RVT v0.2.1 includes new features and some small improvements:

  • LNK files parsing
  • Harlan Carvey, author of the well-known Windows Incident Response blog, has kindly provided us with brilliant Perl code to parse Windows event files (EVT extension). Thus RVT now integrates the script ‘evt’, which can output text versions of the EVT files (script evt generate); it can also generate some stats about each EVT (script evt report). We would like to sincerely thank Harlan for his support and his useful code.
  • f-strings: a forensic version of the Binutils strings command
  • extended shell history
  • and all the little changes and corrections published on this blog since v0.2
  • updated User Guide

Read The Revealer Toolkit website for more information.




Written by dervitx

14 November 2009 at 23:37
