Back to binalyze.com
Search…
Welcome
AIR
AIR
Introduction
Setup
Update
Features
Integrations
FAQ
TACTICAL
TACTICAL
What is TACTICAL?
Running TACTICAL from command line
Command Line Options
Evidence Types
Artifact Types
Command Line Examples
Exit Codes
Download TACTICAL
TACTICAL for Chrome
DRONE
DRONE
Introduction
How to use it?
Settings
Reporting
Features
Download DRONE
General
Licenses
Powered By
GitBook
Artifact Types
Brief overview to Artifact Types
You can use the command line options for enabling each artifact type separately when Custom collection profile is selected by providing --profile custom option.
Name
Long Form
Short Form
Default
Active Directory Logs
--ADLogs
-adl
TRUE
Apache Logs
--ApacheLogs
-apcl
TRUE
DHCP Server Logs
--DHCPLogs
-dhcpl
TRUE
DNS Server Logs
--DNSLogs
-dnsl
TRUE
IIS Logs
--IISLogs
-iisl
TRUE
Microsoft Exchange Logs
--ExchangeLogs
-exchl
TRUE
MongoDB Logs
--MongoDBLogs
-mngl
TRUE
MSSQL Logs
--MSSQLLogs
-mssqll
TRUE
Cortana History
--CortanaHistory
-crtnh
FALSE
Microsoft Calendar
--MicrosoftCalendar
-mclndr
FALSE
Microsoft Maps
--MicrosoftMaps
-mmps
FALSE
Microsoft People
--MicrosoftPeople
-mppl
FALSE
Microsoft Photos
--MicrosoftPhotosHistory
-mph
FALSE
Microsoft Sticky Notes
--StickyNotes
-stckyn
FALSE
Microsoft Store Applications List
--StoreApplicationsDB
-strdb
TRUE
Microsoft Voice Record History
--VoiceRecordHistory
-vrcdh
FALSE
Search History
--SearchHistory
-srch
FALSE
Windows Notification History
--NotificationHistory
-ntfh
TRUE
Discord Desktop Cache
--DiscordCache
-dscrdc
FALSE
TACTICAL - Previous
Evidence Types
Next - TACTICAL
Command Line Examples
Last modified
5mo ago
Copy link