I am looking for a person with experience in using linux and tools like Forensic Toolkit and Autopsy to build a report on activities done by a suspect on a PC on the network running windows 7.
We need to be able to find the following...
(1) Files that were recently copied to the system and copied out from the system
(2) Devices that were connected to the system particularly removable disks
(3) Emails that were deleted from outlook connected to MS-exchange. (data is six months old but there is a backup available)
Size of disk is 500 GB
Work must be done remotely.
6 pekerja bebas membida secara purata $24/jam untuk pekerjaan ini
Hey I'm interested in this project. I had done such projects before. Is the windows 7 machine up and running? Is your environment a production or test environment?
Proficient in Using FTK for decoding Event Logs, Registry, MFT and other specific set of System Files indicating the user activity in a specific time interval.