Incident Response with EZTools - Strings Search
bstrings is bundled with EZTools. It searches for strings in a single file or across a directory, and it uses regex patterns for quick and reliable searching.
From an incident response perspective, it is necessary for the responder to have the ability and skill to quickly triage to patient zero and identify the cause or action performed before the incident was detected.
During an incident, an executable may be launched that causes the system to behave in an odd way. Finding evidence of this execution on the system can help responders pivot the investigation.
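The kind of search described above, as an added Python illustration (not bstrings' own code and not from the original page): it pulls printable ASCII and UTF-16LE strings out of raw bytes and keeps those that match a regex for executable paths. The function names, the `EXE_PATH` pattern, and the `SAMPLE` bytes are constructed for this example.

```python
import re

def extract_strings(data: bytes, min_len: int = 3):
    """Yield (offset, encoding, text) for each printable run in data."""
    # Printable ASCII runs, and the same characters stored as UTF-16LE
    # (each followed by a NUL byte), the form Windows uses for many paths.
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    utf16_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    for m in ascii_re.finditer(data):
        yield m.start(), "ascii", m.group().decode("ascii")
    for m in utf16_re.finditer(data):
        yield m.start(), "utf-16le", m.group().decode("utf-16le")

def search(data: bytes, pattern: str, min_len: int = 3):
    """Return extracted strings matching pattern, ordered by file offset."""
    rx = re.compile(pattern, re.IGNORECASE)
    return sorted(h for h in extract_strings(data, min_len) if rx.search(h[2]))

# Hypothetical pattern for this example: a drive-letter path ending in .exe
EXE_PATH = r"[a-z]:\\(?:[^\\/:*?\"<>|\r\n]+\\)*[^\\/:*?\"<>|\r\n]+\.exe"

# Constructed sample bytes standing in for a slice of a disk or memory
# artifact: binary noise, one ASCII command line, one UTF-16LE path,
# and an unrelated file name that the regex should not match.
SAMPLE = (
    b"\x00\x01MZ\x90\x00"
    + b"cmd.exe /c C:\\Users\\Public\\updater.exe\x00\xff\xfe"
    + "C:\\Windows\\Temp\\svc_host.exe".encode("utf-16le")
    + b"\x00\x00\x07\x08README.txt\x00"
)

if __name__ == "__main__":
    for offset, encoding, text in search(SAMPLE, EXE_PATH):
        print(f"0x{offset:06x}  {encoding:<8}  {text}")
```

Searching both encodings matters because a path that exists only as UTF-16LE is invisible to an ASCII-only pass; the offset of each hit lets the responder go back to the surrounding bytes for context.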