Search Results for "forensic linux"

The Anteater moves to a new site, available under tranalyzer.com. This tool generates extended netflow-like flow/packet statistics from large pcap files or ethernet interfaces. It is intended to serve as a tool for IT troubleshooting, encrypted traffic mining, AI preprocessing and forensic analysis. A packet based "tshark mode" for detailed header and content inspection is improved for troubleshooting and security purposes. Flow based and packet based content inspection and extraction,...

Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits / LKMs or by another hiding technique. Note 1: Unhide-linux repo has migrated to https://github.com/YJesus/Unhide Please, report bugs or make pull requests on the new repo. Note 2: unhide-windows is no more maintained. Use tools like Gmer http://www.gmer.net/

Greyhound Trident is a GNU/Linux, Ubuntu based security distribution designed for penetration testing and cyber forensic investigations. It is a distribution designed for security enthusiasts and professionals, can also be used normally as your default OS. >>Based on Ubuntu 12.04.2 LTS (32bit ) user/pass : root/toor >>Kernel version 3.5.0-45 (little modified to make some of unsupported tools to work, but still will able to get Ubuntu updates ) >>2 Desktop environment : Gnome3, Docky Desktop for different test >>Final release >> Around 300 tools for all-round pentest performance User friendly, all important plugins such as video codec, audio plugins added Above all, this is Ubuntu, specially Hackers Ubuntu. ...

Just carved a bunch of bytes and have no idea what they could be? Maybe ANNFiD can help. ANNFiD uses neural network to identify byte patterns. It can be trained and has a GUI to help in the process. The tool is still on a very early stage, but could improve exponentially with the help of the developer community

Based on MATE environment HackShark Linux is a lightweight distribution for penetration testing, cyber forensic investigation and vulnerability assessment purpose.

A collection of tools to assist with the forensic analysis of computer systems.

IOS6 and recent iTunes updates have broken a few features. We have made some partial fixes, but they are not complete. If you'd like to help support our development, or take over the development please let us know. Explore the internal file structure of your iphone (or of a seized phone in the case of forensic teams) using either the iphone's own backup files or (for jail broken iphones) ssh. Viewing of plist, sqlite, and hex are supported. IOS 5 is now supported iOS 6 only partially...

Foremost is a linux tool for conducting forensic examinations. Although intended for law enforcement purposes, it may be useful to other members of the community. Foremost reads through a file, such as a dd image file or a disk partition and extracts file

Automaton: An Automated Forensic Auditing, Security & Control Framework

The Digital Forensic Tool Testing (DFTT) project creates test images for digital forensic acquisition and analysis tools. These images can be used by a tool developers and owners to test their software.

XML carver which can carve damaged or non-standard XML out of any file. It rebuilds the XML tree, along with giving the offsets for all the carved XML data. This tool was developed for the DFRWS 2010 Forensics Challenge.

This tool will anonymize images by destroying the Photo Response Non Uniformity (PRNU) pattern. It can also remove or forge the PRNU patterns, without having a (negative) impact on the quality.

Hide your data from any scans for fingerprints at forensic analysis. Fragger is an concept to fragment files into many small files by scrambling the content of the source file.

FLAG was designed to simplify the process of log file analysis and forensic investigations. FLAG facilitates efficient analysis of large quantities of data within an interactive environment. PyFlag is the reimplementation of FLAG in Python.

The Reco Platform is a Cross-platform forensic platform that will allow security researchers to create forensic prototypes in shorter amounts of time with greater efficiency.

The VAD tools are a set of scripts for working with Virtual Address Descriptor structures in dumps of Windows physical memory to provide detailed information about a process's memory allocations to a forensic investigator.

LINReS is a tool which can be used by Incident Response and Computer Forensic Teams during initial response phase to collect volatile and other non-volatile data from a compromised Linux machine using statically compiled binaries.

FragMend is a GUI tool that allows a forensic investigator to classify and view sectors of raw or unallocated data. The sectors can then be ordered and grouped into files.

Zeitline is a Java/Swing tool that allows a computer forensic investigator to import events from various sources of a computing system or network and then order and classify them into one or more timelines of events.

SIGOF (Security Information Graphics Oriented Forensic) aims at synthetizing security log, stored in a acid/base database schema, in order to provide a graphical / visual oriented security forensic and statistical analysis.

Ethereal Network Traffic Session Reconstruction for Internet Protocols. Management Console to reconstruct emails, web sessions, VOIP sessions, FTP, and all known supported Internet Protocols for Network Forensics. ***UPDATE*** Project release scheduled.

fccu.evtreader is a computer forensic tool that will help an investigator to analyze MS Windows event log files. It is a perl script made to be run under GNU/Linux but should run on other platforms too.

Live Security/Forensics Linux Distribution, built from scratch and packed full of tools useful for vulnerability analysis, penetration tests, and forensic analysis.

A criteria selection for guiding and assuring activities concerned with the analysis of digital evidence, It covers legal, police and operational aspects. It is not a technical manual for computer forensic analysis, It is a criteria-based manual.