By OSForensics
Creating a signature
generates a snapshot of the directory structure of the drive at the point of
creation. This information includes data about a file's directory path, file
size and file attributes.
How to Create Signature
First of all download the OSForensics from here.
Select Create
Signature Option. Click on Config.
Now
browse the desired Directory from Directory list management, in my case I am
selecting h: Drive which specifies Pen drive. Click on Add to list Option to
include the directory. Click OK.
Now in start folder option, it will show us the selected
Drive i.e. H: Drive. Click on the
Start Option.
It will
ask for the File Name, enter the File Name & click on Save. So signature
for data drive will be created.
Now does some modification in data drive and repeat the same
steps to create another signature after modifications in data drive.
Now click on Compare Signature Option.
Browse both files in Old
Signature as well as in New Signature Option.
Click on Compare option .It will
start the process. Now it will show us the files with their modification status
as well as their creation and modification date. We can select show option to see only modified or
deleted files.
By Clicking on the modified file, it will show the file
differences by showing old as well as new signature path, its creation and
modification date.
0 comments:
Post a Comment