RUI-HAI CLOUD INVESTIGATE SYSTEM

Rui-Hai Cloud Investigate System is a remote forensics tool based on the Windows platform that obtains server information and saves the contents to the local hard disk. It can also browse server contents offline, and supports disk imaging, memory imaging, WebShell detection, file retrieval and data table download.

To better handle servers with huge data volumes and massive amounts of content, the product focuses on extraction from the server's basic information, network, website (Nginx, Apache, IIS), database (MySQL, MongoDB, PostgreSQL, SQL Server), file system and other modules.

Dalian Rui-hai Cloud Investigate System Core Functions
01

Remotely connect to Windows, Linux, and Kirin servers, and connect to local PC devices.

02

Support manual upload of the Agent service.

03

Capture server information (such as host information, logs, etc.).

04

Get server information, including host name, IP, CPU, system type, system version, runtime, memory usage, disk partition, etc.

05

Get the user list, process list, system startup entries, and login logs.

06

Get firewall rules, domain name cache, ARP cache, network connection information, network services, and network packet capture information.

07

Obtain website running information and website WebShell inspection information for servers that use Nginx, Apache or IIS as middleware.

08

Support server network data capture and packet data analysis.

09

Support server database connection access and database management.

10

Support fast file system retrieval, resumable file download after disconnection, and download of all files in a folder.

11

Support creating hard disk and memory images, with resumable (breakpoint-continuation) download transfer.

12

Support switching between diverse styles, avoiding a single style.