IR-Rescue was written for incident response and forensic – analysts, as well as for security professionals, it can be used to bring to those already included in the supply of tools and commands while judicial – expert activity.
IR-Rescue is easy for Windows batch script that collects a lot of forensic evidence from the 32-bit and 64-bit Windows systems. It can be set to perform comprehensive data collections for sorting purposes, as well as individual acquisition of specific data types. The tool is an attempt to streamline the data collection host, regardless of the needs of the investigation, and less reliance on local support when remote access is not available or the live analysis.
IR-Rescue uses built-in commands for Windows and a well-known third-party tools from Sysinternals and Nyrsoft and for collection of data groups according to the type of data. IR rescue was written for incident response and forensic – analysts, as well as for security professionals. IR rescue relies on several third-party utilities to collect specific data from the host. Versions instruments listed http://www.kitploit.com/2016/10/ir-rescue-windows-batch-script-to.html and provided with a package and thus their users, and a license agreement to be taken before starting Ir-rescue. Their descriptions and organization in the folder tree structure are given below, with both 32-bit and 64-bit versions of the tools included adjacently.