Search Results for "ptk-forensics"

A free/libre toolchain for easing several low-level tasks like forensics, software reverse engineering, exploiting, and debugging. It is composed by a bunch of libraries (which are extended with plugins) and programs that can be automated with almost any programming language. It is recommended to install it from git, alternatively, you can pick the last release (every 6 weeks) from Github. Batch, Commandline, visual, and panels interactive modes. Embedded webserver with js scripting and WebUI...

... reporting, geo and organisation labeling, forensics support and encapsulation support such as ethip, teredo, anything in anything, SCTP, etc are new features of the 0.8.14. Checkout the tutorials: https://www.tranalyzer.com/tutorials

What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based tools...

Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used...

PCAPRUNNER runs through PCAP files and statistically analyzes IP packets. Other packets are ignored. Adresses, ports, oldest timestamp, youngest timestamp (first seen / last seen), the quantity of packets and the sum of the packet volumes (as given in the PCAP file as orig_len) are listed. PCAPRUNNER uses only the C standard library, no LIBPCAP.

The Sleuth Kit is a C++ library and collection of open source file system forensics tools that allow you to, among other things, view allocated and deleted data from NTFS, FAT, FFS, EXT2, Ext3, HFS+, and ISO9660 images.

This modification of the ext2 kernel module allows to create files (cover files) whose block arrangement gets manipulated to represent a binary code, which can be extracted later. The information hiding approach used in this project was introduced by Khan et. al in 'Designing a cluster-based covert channel to evade disk investigation and forensics' (1st approach). Algorithm: When a cover file is written, an even blocknr. (for the 1st datablock) is choosen to represent a 0 or an odd...

Rapid Evidence Acquisition Project for Event Reconstruction (REAPER) - Open Source forensic environment for the complete automation of the digital investigation process. At its core is Debian Live and the Open Computer Forensics Architecture (OCFA).

mac-robber is a digital forensics and incident response tool that can be used with The Sleuth Kit to create a timeline of file activity for mounted file systems.

Interrogate is a proof-of-concept tool for identification of cryptographic keys in binary material. First and foremost for memory dump analysis and forensics usage. Able to identify AES, Serpent, Twofish and RSA keys as of version 0.0.3.

Software repository of the hack://src project. Includes security related software for crypto, vulnerability/patch notification & management, and ultra low level system access for stealth forensics & intrusion detection or malware removal.

META is a decision making software which aims are to track computer attackers, computer attacks and to help investigators finding useful elements.

An Enhanced version of gnu dd with features useful for forensics and security. Key features include on-the-fly hashing, status output and faster disk wiping.

Memparser is a memory forensics analysis tool for microsoft windows systems.

Ethereal Network Traffic Session Reconstruction for Internet Protocols. Management Console to reconstruct emails, web sessions, VOIP sessions, FTP, and all known supported Internet Protocols for Network Forensics. ***UPDATE*** Project release scheduled.

FreeBSD Forensics Bootable ISO

Impost is a network security auditing tool designed to analyze the forensics behind protocol exploitation.

ODESSA - The Open Digital Evidence Search and Seizure Architecture is a cross-platform framework for performing Computer Forensics and Incident Response.

Live Security/Forensics Linux Distribution, built from scratch and packed full of tools useful for vulnerability analysis, penetration tests, and forensic analysis.

Bootable CD Forensics/Virus Scanning/Recovery/PenTesting platform

Found at www.itadmins.net in the Projects area. The complete Linux Administrators CD. For normal system and network administration, security, forensics tools and utilities.