Excellent app.
I've already used it in field operations and it helps a lot!! I'm a fan of this app. Thank you very much!!
So useful, right? I'm glad you like it.
@DFIRScience Very useful and easy to use!!! 10 stars :)
Is there anyone else doing forensic data videos on TH-cam that are on this level? Please keep it up, I love learning this stuff! Plenty of people would too if they knew about it.
Thanks a lot! I really appreciate it. If you've not seen it yet, 13 Cubed has some great videos too: th-cam.com/users/13cubed
@DFIRScience thank you!!
Genius tool.. Thanks for sharing Sir.
The Tsurugi group is doing some really great work. tsurugi-linux.org/
Thank you for this video! :))
You're so welcome!
I'm currently getting my master's in digital forensics. This tool kit looks great! What size USB do you recommend for the toolkit and image acquisition?
If you are planning to save all your live acquisitions to the drive, you'll probably need an external drive 1TB+ depending on how many systems you are likely to need to image. Really just depends on your use case. For general testing and practice keep your disk images small and you can get away with like a 32GB USB. Does that make sense? There is no way to know how much compression you're going to get on an image.
What types of jobs did you work before you became a forensics investigator? I’m graduating with a cyber security degree in 9 months and I want to go this route but I don’t know what entry level positions I should apply for.
Hello Sir, thanks for sharing this great tool. Just wondering, what is the best way to conduct a triage with this tool? Bento was detected as a hacking tool and that triggered the anti-virus of the system. Would you think we need to disable the AV, or is there a way I can do that so that plugging the USB into the machine will work like stealth mode?
Bento is basically an easy way to manage a large collection of individual tools. I usually prepare a USB stick with Bento built for certain tasks - like triage. Basically, you will either need to use each tool manually to get what you need from the target system, or write a script (batch/PowerShell) to call the Bento tools.
What antivirus were you using? I've never had one pick up the Bento executable as malware. It might be possible that a tool that is installed with Bento was flagged? If so, you should be able to run all other tools. If it was the Bento executable, you can still go into the Bento install directory on your USB stick and use the extra tools you installed. Either way, you should be OK to collect basic information in a live system.
@DFIRScience Thank you! Yes, some tools that are installed with Bento were detected by Microsoft AV as malware.
Bento is designed for live response tasks, but many of the tools are also useful for a local forensic workstation. 🤖
I want to ask you: when I extracted the zip file, my Defender saw several files as a virus, and I downloaded it from the main page. :(