Search Results for "forensics"

...A packet based "tshark mode" for detailed header and content inspection is improved for troubleshooting and security purposes. Flow based and packet based content inspection and extraction, better reporting, geo and organisation labeling, forensics support and encapsulation support such as ethip, teredo, anything in anything, SCTP, etc are new features of the 0.8.14. Checkout the tutorials: https://www.tranalyzer.com/tutorials

...This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based tools-tools the software using the CLI (command line interface) and GUI (graphical user interface) to perform its operations. Now Dracos currently already up to version 3.1.5 with the code name "KUNTILANAK WITH REMASTERED".

Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used...

PCAPRUNNER runs through PCAP files and statistically analyzes IP packets. Other packets are ignored. Adresses, ports, oldest timestamp, youngest timestamp (first seen / last seen), the quantity of packets and the sum of the packet volumes (as given in the PCAP file as orig_len) are listed. PCAPRUNNER uses only the C standard library, no LIBPCAP.

The Sleuth Kit is a C++ library and collection of open source file system forensics tools that allow you to, among other things, view allocated and deleted data from NTFS, FAT, FFS, EXT2, Ext3, HFS+, and ISO9660 images.

...The information hiding approach used in this project was introduced by Khan et. al in 'Designing a cluster-based covert channel to evade disk investigation and forensics' (1st approach). Algorithm: When a cover file is written, an even blocknr. (for the 1st datablock) is choosen to represent a 0 or an odd blocknr. to represent an 1. For the remaining blocks of the cover file till the end of the code is reached, an adjacent blocknr. represents the same bit as the previous one and a non-adjacent blocknr. ...

Rapid Evidence Acquisition Project for Event Reconstruction (REAPER) - Open Source forensic environment for the complete automation of the digital investigation process. At its core is Debian Live and the Open Computer Forensics Architecture (OCFA).

mac-robber is a digital forensics and incident response tool that can be used with The Sleuth Kit to create a timeline of file activity for mounted file systems.

Interrogate is a proof-of-concept tool for identification of cryptographic keys in binary material. First and foremost for memory dump analysis and forensics usage. Able to identify AES, Serpent, Twofish and RSA keys as of version 0.0.3.

Software repository of the hack://src project. Includes security related software for crypto, vulnerability/patch notification & management, and ultra low level system access for stealth forensics & intrusion detection or malware removal.

An Enhanced version of gnu dd with features useful for forensics and security. Key features include on-the-fly hashing, status output and faster disk wiping.

Memparser is a memory forensics analysis tool for microsoft windows systems.

Ethereal Network Traffic Session Reconstruction for Internet Protocols. Management Console to reconstruct emails, web sessions, VOIP sessions, FTP, and all known supported Internet Protocols for Network Forensics. ***UPDATE*** Project release scheduled.

FreeBSD Forensics Bootable ISO

ODESSA - The Open Digital Evidence Search and Seizure Architecture is a cross-platform framework for performing Computer Forensics and Incident Response.

Live Security/Forensics Linux Distribution, built from scratch and packed full of tools useful for vulnerability analysis, penetration tests, and forensic analysis.

Bootable CD Forensics/Virus Scanning/Recovery/PenTesting platform

Found at www.itadmins.net in the Projects area. The complete Linux Administrators CD. For normal system and network administration, security, forensics tools and utilities.

...Block forwarding, uploading to unauthorized cloud services, or syncing to personal drives. Apply time-based access (expiration dates) and geo/device restrictions. Maintain tamper-evident audit trails for compliance and forensics.