The Anssi opens to the community its software DFIR ORC, intended for the collection of forensic data for Windows.
“Let’s not forget the congratulations to ORC’s original developers.” Stéphane Lenco posted this comment on the LinkedIn page of Anssi.
The CISO Thales Group echoes the opening, under GPL license, of this ORC.
Designed in 2011, the software is intended for the collection of forensic data on Windows systems.
Anssi claims to have used it on “more than 150,000 positions” as part of its investigation and incident response missions.
ORC includes, as standard, a dozen tools for searching, extracting and making available data.
Its framework architecture makes it possible to widen the capacities while preserving a single executable.
Support for Microsoft OS starts from Windows XP SP2 and Windows Server 2003 SP3.
Tylor Wilson covers stories about Cyber Security & Information Technology. At ITDM, Tylor communicates and guide team members to curate non-biased content for ITDM readers. He is known for delivering cutting edge cyber security news.