RSS 27 projects tagged "Forensics"

Download Website Updated 24 Feb 2013 ANNFiD

Screenshot
Pop 41.28
Vit 1.04

ANNFiD is an experimental forensic tool that identifies file types using neural networks. A GUI tool is used to train the network for new file types. It is intended to be used to determine the nature of corrupted files.

Download Website Updated 19 Jan 2009 AirSAM

Screenshot
Pop 42.11
Vit 1.74

AirSAM is a desktop GUI that compliments the Web based Snort Alert Monitor. AirSAM gives up to date insight into who might be attacking your network. The ultimate goal is to give audio/visual cues right at the time of the attack. AirSAM is an Adobe Air application and should run on Mac OS, Linux, and Windows.

No download No website Updated 24 Nov 2010 CarvFS

Screenshot
Pop 49.96
Vit 1.91

CarvFS is a user space FUSE filesystem aimed at computer forensic tools that process disk and/or memory dump images or other large data files. The filesystem allows CarvPath-aware tools to use CarvPath annotations as a way to designate partitions, files, alternate streams, processes etc. within a disk or memory image as a string, making them available trough the filesystem as a pseudo file that can be handed to other tools. This removes the need to copy the information out of the disk image and reduces storage requirements.

No download No website Updated 24 Nov 2010 CarvPath

Screenshot
Pop 38.18
Vit 1.56

CarvPath (libcarvpath) is a library aimed at computer forensic tools that process disk and/or memory dump images or other large data files. The library allows the creation and manipulation of CarvPath annotations, which are a way to annotate partitions, files, alternate streams, processes etc. within a disk or memory image as a string. Entities within a CarvPath notation can be fragmented and/or nested, and allow for the expression of 'sparse' fragments within an entity. The CarvPath annotations resemble a path string in a filesystem, and thus present a basis for the interaction between computer forensics tools and the CarvPath-based user space file-system, CarvFs.

Download Website Updated 18 Aug 2008 Cryptographic Implementations Analysis Too...

Screenshot
Pop 36.88
Vit 1.00

The Cryptographic Implementations Analysis Toolkit (CIAT) is a compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files (executable and non-executable). It is particularly helpful in the forensic analysis and reverse engineering of malware using cryptographic code and encrypted payloads.

No download Website Updated 07 Oct 2008 FCCU GNU/Linux Forensic Bootable CD

Screenshot
Pop 207.59
Vit 3.88

FCCU GNU/Linux Forensic Bootable CD is a bootable CD based on Debian-live that contains a lot of tools suitable for computer forensic investigations, including bash scripts. Its main purpose is to create images of devices prior to analysis, and it is used by the Belgian Federal Computer Crime Unit.

Download Website Updated 22 Mar 2005 FCCU evtreader

Screenshot
Pop 69.52
Vit 1.42

FCCU evtreader is a forensic script made to parse MS Windows event log files.

Download Website Updated 13 Mar 2013 Fortools_dd

Screenshot
Pop 48.93
Vit 1.79

Fortools_dd is a set of forensic apps, created with zenity, for terminal commandos and bash scripts in Linux. It includes Mount_dd (a mounting images app), kijknekerap (a Dutch Terminal app), fgrep_dd (grep apps), convert_dd (a conversion app for aff > dd > EWF), shred_dd (a shredding app), filecopy_dd (a search-and-copy app), forensic_wine_dd (a Windows software with Wine app), reportmaker_dd (a small reportmaking app), Browserhistory_dd (a history app), and Offsetgrabber_dd (an offset viewing app).

No download Website Updated 21 Aug 2007 Karmasphere Parallel Data Processing Language

Screenshot
Pop 66.51
Vit 1.00

The Karmasphere DP language is a high-performance non-blocking parallel language for performing data processing. It is designed to give the user a high degree of control over the usage of system resources, such as how many CPU cores or how much disk I/O time to use, without requiring the software developer to explicitly consider these issues in code. The implementation is a stand-alone library that can be used in any Java 1.5 environment. It can take full advantage of multiprocessor (SMP or NUMA) systems, and may be scaled sideways: since the interpreter and environment are stateless, an entire cluster of machines may run the interpreter in parallel without any need for synchronization.

Download No website Updated 10 Apr 2014 Lynis

Screenshot
Pop 1,806.27
Vit 116.85

Lynis is an auditing and hardening tool for Unix derivatives like Linux/BSD/Solaris. It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Screenshot

Project Spotlight

lazygal

A static Web gallery generator.

Screenshot

Project Spotlight

slapt-get

An APT-like system for Slackware package management.