24 lines
594 B
Markdown
24 lines
594 B
Markdown
# Kroll Artifact Parser
|
|
|
|
* Collect and processes artifacts on windows
|
|
* Collects from live systems, mounted images and F-response tool
|
|
|
|
## Targets
|
|
|
|
* Needs source and target directory, as well as a module to process the files on
|
|
* `Target` copies a file into a repository
|
|
* `*.tkape` files contains metadata of the files to copy
|
|
* `Compound Targets` contain metadata of multiple files in order to get a result quicker
|
|
* `!Disable` do not appear in the target list
|
|
* `!Local` keep on local
|
|
|
|
|
|
## Modules
|
|
|
|
* Used on the targeted files
|
|
* `*.mkape` files
|
|
* Additional binaries are kept in `bin`
|
|
|
|
|
|
|