Back to binalyze.com
Search…
Welcome
AIR
AIR
Introduction
Setup
Update
Features
Integrations
FAQ
TACTICAL
TACTICAL
What is TACTICAL?
Running TACTICAL from command line
Command Line Options
Evidence Types
Artifact Types
Command Line Examples
Exit Codes
Download TACTICAL
TACTICAL for Chrome
DRONE
DRONE
Introduction
How to use it?
Settings
Reporting
Features
Download DRONE
General
Licenses
Powered By
GitBook
Evidence Types
Brief overview to Evidence Types
You can use the command line options for enabling each evidence type separately when Custom collection profile is selected by providing --profile custom option.
Name
Long Form
Short Form
Default
Clipboard
--Clipboard
-clp
TRUE
Crash Dump Info
--CrashDumpInfo
-cdi
TRUE
Recycle Bin Info
--RecycleBinInfo
-rbi
TRUE
Restore Point Info
--RestorePointInfo
-rpi
TRUE
Driver Info
--DriverInfo
-dri
TRUE
Process Info
--ProcessInfo
-pri
TRUE
Screenshots
--Screenshots
-scr
TRUE
AntiVirus Info
--AVInfo
-avi
TRUE
DNS Server
--DNSServer
-dnss
TRUE
Proxy Info
--ProxyInfo
-prxy
TRUE
Downloads Info
--DownloadsInfo
-dli
FALSE
Autoruns
--Autoruns
-aui
TRUE
Installed Apps
--InstalledApps
-apps
TRUE
Firewall Rules
--Firewall
-frwl
TRUE
Volume Info
--VolumeInfo
-voli
TRUE
MBR
--MBR
-mbr
FALSE
RAM
--RAM
-ram
TRUE
PageFile
--PageFile
-pgf
TRUE
SwapFile
--SwapFile
-swp
FALSE
​
TACTICAL - Previous
Command Line Options
Next - TACTICAL
Artifact Types
Last modified
5mo ago
Copy link