Desktop Triage is an on-site collection tool of over 35+ key Windows artifacts in just a few minutes, including security, application, and other related event logs. For registry category, we have all the essential ones (Prefetch, Shellbags, RecentFile, UserAssist, etc.)
Acquire critical files and pack them to a zip as the mini-image represent the target disk, which contains most of the artifacts and compress the time cost of collection to a very short period, saving time from the full imaging process.
Automatic scroll to capture screens of social media and websites on site, ensuring the collection of evidence which can only be seen on the field to guarantee most complete investigation.
LiveSearch function collects all the file information from both physical and logical disk, targeting the existence of suspicious and critical files.
Fast and efficient Reporting Feature.