Project DescriptionConfessor is a Windows Application that utilizes WMI or PsExec along with standard tools to quickly gather live forensic information from any number of hosts.
Russ McRee of HolisticInfosec.org has written a toolsmith article for v.02 of confessor that can be read here:
Confessor toolsmithConfessor evolved from
MIR-ROR and enables the investigator to gather forensic data from many hosts at once.
Windows Sysinternals licensing prevents me from bundling the tools in a distribution package; you’ll have to retrieve them. See the Confessor User Guide in the downloads tab for a listing of tools and where to retrieve them.
Please provide feedback, enhancement suggestions, or code suggestions.
I hope you find Confessor as useful as I do.
Thanks,
Bryan Casper