Project Description
Confessor is a Windows Application that utilizes WMI or PsExec along with standard tools to quickly gather live forensic information from any number of hosts.

Russ McRee of HolisticInfosec.org has written a toolsmith article for v.02 of confessor that can be read here: Confessor toolsmith

Confessor evolved from MIR-ROR and enables the investigator to gather forensic data from many hosts at once.

Windows Sysinternals licensing prevents me from bundling the tools in a distribution package; you’ll have to retrieve them. See the Confessor User Guide in the downloads tab for a listing of tools and where to retrieve them.

Please provide feedback, enhancement suggestions, or code suggestions.

I hope you find Confessor as useful as I do.

Thanks,

Bryan Casper

Last edited Sep 15, 2011 at 10:20 PM by bc, version 9