±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 1 Overall: 32774
New Yesterday: 3 Visitors: 218

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Open Source Windows Link File Examiner (Shortcuts)

Forensic software discussion (commercial and open source/freeware). Strictly no advertising.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Go to page Previous  1, 2 
  

Re: Open Source Windows Link File Examiner (Shortcuts)

Post Posted: Thu Aug 17, 2017 4:41 pm

- binarybod

Well in my experience, any forensic analyst who can't compile an open source tool isn't worth their paycheque Wink


Sure, we definitely agree on this. Smile

- binarybod

Those who really want to use the tool to aid their investigations (and perhaps avoid paying for some of the alternatives), they are my target audience...

The difference of views is only on the estimation of their number, I am happy that you are more optimistic than I am.

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 

jaclaz
Senior Member
 
 
  

Re: Open Source Windows Link File Examiner (Shortcuts)

Post Posted: Thu Aug 17, 2017 9:11 pm

- binarybod

Well in my experience, any forensic analyst who can't compile an open source tool isn't worth their paycheque Wink


I'm sorry, but while I fully support and congratulate you for your efforts, I must respectfully disagree. I know and have worked some really good forensic analysts, some of the best that there will ever be, and they don't code, let alone compile tools.  

keydet89
Senior Member
 
 
  

Re: Open Source Windows Link File Examiner (Shortcuts)

Post Posted: Thu Aug 31, 2017 9:47 am

Joachim Metz has a tool 'libnk2-devel-20170605-1.fc26.i686'

available at forensic.cert.org has libraries and tools to access link files.  

slippery
Newbie
 
 
  

Re: Open Source Windows Link File Examiner (Shortcuts)

Post Posted: Wed Sep 13, 2017 8:44 am

- keydet89
and they don't code, let alone compile tools.


Compiling and installing a tool does NOT require coding experience. Often, with open source tools all you need to do is follow the instructions in any installation text documentation usually found in the repository.

Often this is as simple as following a recipe.

Regards,
_________________
Paul Tew

Retired Forensic Analyst and Researcher 

binarybod
Senior Member
 
 
  

Re: Open Source Windows Link File Examiner (Shortcuts)

Post Posted: Wed Sep 13, 2017 8:48 am

- slippery
Joachim Metz has a tool 'libnk2-devel-20170605-1.fc26.i686'

available at forensic.cert.org has libraries and tools to access link files.


I've never used this tool but the documentation suggests it is for examining nickfile (NK2) objects and NOT Windows Link Files (a.k.a. 'shortcuts')

Regards,
_________________
Paul Tew

Retired Forensic Analyst and Researcher 

binarybod
Senior Member
 
 
  

Re: Open Source Windows Link File Examiner (Shortcuts)

Post Posted: Wed Sep 13, 2017 8:52 am

Bowing to peer pressure Wink I've produced some binaries:
github.com/Paul-Tew/lifer/releases
My suggestion would be to download the required one and just rename it to 'lifer' to avoid any unnecessary typing on the command-line.
_________________
Paul Tew

Retired Forensic Analyst and Researcher 

binarybod
Senior Member
 
 

Page 2 of 2
Go to page Previous  1, 2