URL: unhide-forensics.info/?RadioGraPhy


RadioGraPhy is a forensic tool that grabs as much information as possible from a Windows system.

Its checks:

It also has unique features:

- When it identifies a process (running, or configured in registry keys, startup directories or the task scheduler), it checks its hash against Team Cymru's Malware Hash Registry service to identify potential threats

- RadioGraPhy runs a process integrity test using 'WinUnhide' to catch hidden processes

- It dumps a copy of the Eventlog and grabs a copy of the process binaries for later review

RadioGraPhy is open source (GPL license) and comes with a CLI version and a graphical frontend (please have a look at the Screenshots section).