RSS 8 projects tagged "Forensics"

Download Website Updated 17 Feb 2013 WTMParse

Screenshot
Pop 21.54
Vit 20.77

WTMParse is a script originally intended for use in forensic examinations which parses WTMP files from Unix-like operating systems and generates a CSS-styled HTML report containing the login terminal, username, log start date, and login time/date in a table. It's good for postmortem forensic examinations or as a way of getting "last"-like information when you don't have the ability to boot the machine in question but can grab the wtmp.

Download Website Updated 19 Mar 2009 dc3dd

Screenshot
Pop 68.70
Vit 1.81

dc3dd is a patched version of GNU dd to include a number of features useful for computer forensics.

Download Website Updated 18 Aug 2008 Cryptographic Implementations Analysis Too...

Screenshot
Pop 36.44
Vit 1.00

The Cryptographic Implementations Analysis Toolkit (CIAT) is a compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files (executable and non-executable). It is particularly helpful in the forensic analysis and reverse engineering of malware using cryptographic code and encrypted payloads.

Download No website Updated 24 Apr 2014 Lynis

Screenshot
Pop 1,808.43
Vit 383.81

Lynis is an auditing and hardening tool for Unix derivatives like Linux/BSD/Solaris. It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

No download Website Updated 29 Jan 2012 LynxFS

Screenshot
Pop 44.81
Vit 1.00

LynxFS is a filesystem driver for LynxOS filesystem images. It is based on FUSE. The LynxOS filesystem appears to be very similar to BSD's FFS. This driver may be of use to people inspecting or debugging embedded systems.

No download Website Updated 21 Aug 2007 Karmasphere Parallel Data Processing Language

Screenshot
Pop 67.47
Vit 1.00

The Karmasphere DP language is a high-performance non-blocking parallel language for performing data processing. It is designed to give the user a high degree of control over the usage of system resources, such as how many CPU cores or how much disk I/O time to use, without requiring the software developer to explicitly consider these issues in code. The implementation is a stand-alone library that can be used in any Java 1.5 environment. It can take full advantage of multiprocessor (SMP or NUMA) systems, and may be scaled sideways: since the interpreter and environment are stateless, an entire cluster of machines may run the interpreter in parallel without any need for synchronization.

Download No website Updated 01 Oct 2009 tableau-parm

Screenshot
Pop 52.59
Vit 1.72

tableau-parm is an small commandline utility designed to interact with Tableau forensic write blockers. It performs functions similar to the Tableau Disk Monitor, except that it operates under select UNIX platforms.

No download Website Updated 02 Oct 2011 RegLookup

Screenshot
Pop 133.66
Vit 7.21

The RegLookup project is devoted to direct analysis of Windows NT-based registry files. RegLookup provides command line tools, a C API, and a Python module for accessing registry data structures. The project has a focus on providing tools for digital forensic examiners (though it is useful for many purposes), and includes algorithms for retrieving deleted data structures from registry hives.

Screenshot

Project Spotlight

W3Perl

A server logfile statistic analysis program.

Screenshot

Project Spotlight

TurnKey ProjectPier Appliance

A ProjectPier appliance that is easy to use and lightweight.