Search Results for "forensic"

An extensible network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures. This is a major framework update to Dshell. Plugins written for the previous version are not compatible with this version, and vice versa. By extension, dpkt and pypcap have been replaced with Python3-friendly pypacker and pcapy (respectively).

...This tool generates extended netflow-like flow/packet statistics from large pcap files or ethernet interfaces. It is intended to serve as a tool for IT troubleshooting, encrypted traffic mining, AI preprocessing and forensic analysis. A packet based "tshark mode" for detailed header and content inspection is improved for troubleshooting and security purposes. Flow based and packet based content inspection and extraction, better reporting, geo and organisation labeling, forensics support and encapsulation support such as ethip, teredo, anything in anything, SCTP, etc are new features of the 0.8.14. ...

FTimes is a forensic system baselining, searching, and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis.

Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols.

Python script that was originally intended for use in forensic examinations that parses WTMP files from Unix-like operating systems and generates a CSS-styled HTML report containing login terminal, username, log start date and login time/date in a table. Good for postmortem forensic examinations or as a way of getting "last" like information where you don't have the ability to boot the machine in question but can grab the wtmp.

Development and support of OCFA have been discontinued. the code has moved to these github repositories: https://github.com/DNPA/OcfaLib https://github.com/DNPA/OcfaArch https://github.com/DNPA/OcfaJavaLib https://github.com/DNPA/OcfaModules https://github.com/DNPA/OcfaDoc If you are interested in contributing to ongoing work on the creation of a community maintained OCFA inspired computer forensic framework, please join the Mattock/MattockFS community page on G+: https://plus.google.com/communities/102487198908055860744

Rdd is a forensic copy program developed at and used by the Netherlands Forensic Institute (NFI). Unlike most copy programs, rdd is robust with respect to read errors, which is an important property in a forensic operating environment.

Development stop on the standalone application, ported as an autopsy module now: http://www.4ensics.co.uk/smutdetect4autopsy/ SmutDetect is a skin-tone image mining software which scans directories for images containing a specified percentage of skin-tones. It ranks (and filters) these images in various reports. Hash-export can be used to process the results in TSK/autopsy.

Software for digital forensic offline comparison of handwritten documents.

...Later versions of TraceTuner, which support mixed base calling, have been used by the research community, the private biotech sector, and the U.S. government as components of different variant detection, genotyping and forensic software applications (e.g. Applied Biosystems SeqScape, Paracel Genome Assembler, MTexpert, etc.).

Forensic tool designed to extract 3GP video files (regular files, deleted or fragments), SMS (regular, erased or fragments) and address books (regular, erased or fragments) from memory dumps of motorola V3i, V3r and V3D&G cell phones.

A web-based groupware application for Linux with PHP, MySQL, Apache, SSL oriented to forensic laboratories. Applicazione scritta per Linux con PHP, MySQL, Apache, SSL, finalizzata alla condivisione di dati nei laboratori forensi.

STRStat is a statistical package to calculate various parameters used in forensic science. It is also able to graphically display the distribution of the population and calculate the probability of appearance for a specific phenotype.