Search Results for "forensic" - Page 4

Development and support of OCFA have been discontinued. the code has moved to these github repositories: https://github.com/DNPA/OcfaLib https://github.com/DNPA/OcfaArch https://github.com/DNPA/OcfaJavaLib https://github.com/DNPA/OcfaModules https://github.com/DNPA/OcfaDoc If you are interested in contributing to ongoing work on the creation of a community maintained OCFA inspired computer forensic framework, please join the Mattock/MattockFS community page on G+: https://plus.google.com/communities/102487198908055860744

This project is a plug in written in R and python language that makes a driver for Pyflag that allows forensic task for snort alert logs.

open source project for using forensic tools to help analyze devices for potential privacy and security vulnerabilities

eCryptfs Parser is a GUI for Linux and Windows that recursively parses the headers of every eCryptfs file found in a given directory. It will tell you what encryption algorithm was used, the original filesize, signature used etc

Rdd is a forensic copy program developed at and used by the Netherlands Forensic Institute (NFI). Unlike most copy programs, rdd is robust with respect to read errors, which is an important property in a forensic operating environment.

Foremost is a linux tool for conducting forensic examinations. Although intended for law enforcement purposes, it may be useful to other members of the community. Foremost reads through a file, such as a dd image file or a disk partition and extracts file

Reads any Extensible Storage Engine(ESE) database file.Uses of ESE databases are found in Windows Live Mail/Messenger/Desktop Search/Calendar/etc. Functions include comparing, searching and exporting. By Wouter S. van Dongen and Joeri D. Blokhuis

Rapid Evidence Acquisition Project for Event Reconstruction (REAPER) - Open Source forensic environment for the complete automation of the digital investigation process. At its core is Debian Live and the Open Computer Forensics Architecture (OCFA).

Development stop on the standalone application, ported as an autopsy module now: http://www.4ensics.co.uk/smutdetect4autopsy/ SmutDetect is a skin-tone image mining software which scans directories for images containing a specified percentage of skin-tones. It ranks (and filters) these images in various reports. Hash-export can be used to process the results in TSK/autopsy.

Automaton: An Automated Forensic Auditing, Security & Control Framework

The Digital Forensic Tool Testing (DFTT) project creates test images for digital forensic acquisition and analysis tools. These images can be used by a tool developers and owners to test their software.

JEDI is a Dependency Injection framework developed at the Netherlands Forensic Institute, released as Open Source under the BSD-license.

This project has moved to github: https://github.com/DNPA/libcarvpath https://github.com/DNPA/carvfs For use in automated forensic data processing you may also consider using MattockFS instead: https://github.com/pibara/MattockFS

XML carver which can carve damaged or non-standard XML out of any file. It rebuilds the XML tree, along with giving the offsets for all the carved XML data. This tool was developed for the DFRWS 2010 Forensics Challenge.

PPF : PenTestIT Portable Forensic Live DVD Collaboration of forensic tools in single DVD Vist : pentestit.com for more info

The FFT is a modified version of Xubuntu that includes a custom web app designed to aid in digital forensic investigations. Currently it has been geared towards performing audits against Mac OS X, support for Linux/Windows is planned.

Tool/s to automate the gathering of metadata from evidence artefacts collected during forensic examination and visualise the relationships between actors => objects using existing Knowledge Discovery and Social Network Analysis techniques

Network forensic imaging tool. Allows extreme flexibility in imaging methods with minimal setup and forensic impact on suspect machines. Imaging of Windows, Linux, Mac OSX and Unix supported.

Software for digital forensic offline comparison of handwritten documents.

AIR (Automated Image & Restore) is a GUI front-end to dd/dc3dd designed for easily creating forensic disk/partition images. Supports MD5/SHAx hashes, SCSI tape drives, imaging over a TCP/IP network, splitting images, and detailed session logging.

This tool will anonymize images by destroying the Photo Response Non Uniformity (PRNU) pattern. It can also remove or forge the PRNU patterns, without having a (negative) impact on the quality.

Hide your data from any scans for fingerprints at forensic analysis. Fragger is an concept to fragment files into many small files by scrambling the content of the source file.

"Forensic File Carving Tools" is a set of tools one can use to carve arbitrary memory dumps for recovering files.

...Later versions of TraceTuner, which support mixed base calling, have been used by the research community, the private biotech sector, and the U.S. government as components of different variant detection, genotyping and forensic software applications (e.g. Applied Biosystems SeqScape, Paracel Genome Assembler, MTexpert, etc.).

Tiny program to make a memory snapshot of a running process and also to print out some meta information like open file descriptors and used sockets. Useful for dumping malicious programs or live forensic.