Sunday, July 08, 2012

GSD Linkfest - a little bit of everything today

Quick collection of links gathered this week.

  • Data recovery tutorial - As discovered and described by Very nice guide covering a number of Linux-based tools and techniques. DataRecovery - Community Ubuntu Documentation
  • Copy files from failing devices - Another great tippage from TinyApps bloggist. Check out safecopy
  • Create a system recovery partition - Great finds from TinyApps must come in “threes” as a link to Steve Si’s Create a system recovery partition post is found. It’s a detailed walkthrough on setting up a Windows system-restore partition…just in case bad things ever strike.
  • Add to the file carving kit - TinyApps bonus links to POC for “Smart Carving” methods. Drop into the project’s SourceForge Documentation page to get the details.
  • FreeRecover - Free file recovery app for NTFS drives. It’s pretty fast. You can select options to get file paths as well as check “file integrity” to evaluate recovery value.  At this moment you cannot seem to sort results by column headings. It’s a good start.
  • Redo Backup and Recovery - BootCD format ISO file to handle system backups, recovery, partition editing, file recovery, and many more additional tools.
  • | Free Security & Utilities software downloads at
  • The Case of the Veeerrry Slow Logons - Mark's Blog - Great post by the Windows Master Mark Russinovich. Covers a number of angles as well as the Windows login process in detail (and how it can be hampered). Good reading.
  • Google Chrome Bookmarks Menu Extension - CybernetNews found a really refined and polished  Google Chrome Bookmarks Menu Extension. I had been using Atomic Bookmarks but this one is much better IMHO.
  • Ads Are Coming to Google Chrome Extensions - TheNextWeb blog. Choose your extensions wisely now, my friends…
  • Release: NewsFox - My favorite in-Firefox RSS feed add-on has a new release. newsfox: NEWEST
  • Filelist Creator - Free mini-app to create great lists of files/directories for indexing documentation. I have a few of these and this one is very, very nicely done. It’s been added to my carry-list.  Spotted and reviewed over at this Create Detailed File Lists In Various Formats With Filelist Creator AddictiveTips post.  Check out the big collection of other great utilities over at Stefan Trost Media. I grabbed more than a few!
  • TED V3.0 : The TEDinator - New update to the super-duper “TED Downloaded”. I really appreciate the detail and help this tool brings in allowing me to download a local file of favorite “TED” talks. See also the new TED Radio Hour : NPR.
  • HexDive 0.3 - Hexacorn has just released a new version of HexDive which helps look for key strings in possible malware and other executable files. It’s CLI so it is really fast.
  • Forensic Artifacts blog has been releasing a large list of posts detailing forensic-worthy artifact bits left over from many applications. I found the PsTools Artifacts post extra interesting since it is used by a lot of us SysAdmins.
  • NTFS Tools collection - Joakim Schicht has just announced an updated collection of NTFS tools he has been grinding away on.  After you read the overview on the first link, hop over to his Google Project hosting page mft2csv to check out:
    • NTFS File Extractor which extracts system files (metafiles) off an NTFS volume.
    • mft2csv which takes a $MFT file, rips info from all the records, and dumps it to a CSV file.
    • MFTRCRD is a CLI file dumper that pulls all the info mft2csv can decode. It can also dump the $MFT record of a specific file to the console, and detailed run information.
    • SetMACE which is a timestamp fiddling tool.

      Note, Joakim doesn’t have them all bundled up in a single archive package so look at the Downloads page carefully to pick out the most recent versions of each of them. It isn’t hard but does take a moment to make sure you are grabbing the right file. Also be aware that these are compiled in “AutoIt” script. It’s very flexible and powerful but some AV apps might complain…  Joakim has done a great job with his documentation on each tool. Check out the Wiki for more details on each one.

Have fun!

--Claus V.
