Clik here to view.
RVT: libpst support
RVT v0.2 will support Microsoft Outlook PST parse support through this command: script mail parsepsts <partition> that extracts all the contents of all PST’s on that partition on output/mail...
View ArticleClik here to view.
RVT: support for F-Response
last revision of RVT contains a little, tiny, (it’s true, i swear!) change for making RVT directly functional with F-Response. However, the process of installing a new f-response generated device it’s...
View ArticleClik here to view.
RVT tools: plot_time.pl, plotting your timelines
RVT comes with a bunch of useful tools, not totally related with the forensic framewok, but too little to be published for themselves. plot_time.pl, located under the RVT/tools folder of the RVT’s svn...
View ArticleClik here to view.
RVT v0.2 released
Finally, version 0.2 of the Revealer Toolkit is out. See more information at the project page. Code can be downloaded from: http://revealertoolkit.googlecode.com/files/RVT_v0.2.zip svn checkout...
View ArticleClik here to view.
RVT v0.2 virtual machine
A VMWare virtual machine has been created with a completely functional RVT v0.2 system, folder structure and an example case. This VMWare can easily be used also as a production system. Due to...
View ArticleClik here to view.
RVT: parsing LNK files
support for parsing Microsoft Windows LNK files has been added to RVT. Just execute RVT > script lnk generate <disk> and a CSV file on output/lnk will be created with info of all LNK files of...
View ArticleClik here to view.
RVT: step by step
Step by step, some ugly parts of the code are being rewritten and getting better. On the last SVN revision, RVT stores on a text file (morgue/case/<case>_cmdLog.txt) a log of some commands...
View ArticleClik here to view.
f-strings, new RVT tool
f-strings, or Forensic Strings, is a new RVT tool that will be incorporated soon to the search engine of RVT. You know what binutils’ strings command do: extract printable characters from a binary...
View ArticleClik here to view.
RVT: images scanall: command obsolete
quick note: from SVN revision 70, “images scanall” command is no longer recognized, and is substituted for “images scan <case>”, where case can be a case number or the special word “all”, so...
View ArticleClik here to view.
RVT v0.2.1 published
First of all, sorry for the lack of news and updates lately, but RVT is developed with the free and spare time of the members of the team, and I have not had a lot of that in the last months. RVT...
View Article
