3 projects tagged "Forensics"

Download Website Updated 20 Jun 2011 GrokEVT

Pop 105.90
Vit 5.29

GrokEVT is a collection of scripts built for reading Windows® NT/2K/XP/2K3 event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.

No download Website Updated 02 Oct 2011 RegLookup

Pop 133.98
Vit 7.24

The RegLookup project is devoted to direct analysis of Windows NT-based registry files. RegLookup provides command line tools, a C API, and a Python module for accessing registry data structures. The project has a focus on providing tools for digital forensic examiners (though it is useful for many purposes), and includes algorithms for retrieving deleted data structures from registry hives.

Download Website Updated 25 Oct 2007 TFTPgrab

Pop 13.78
Vit 1.00

TFTPgrab is a TFTP (Trivial File Transfer Protocol) stream extractor that reads from tcpdump/libpcap capture files. It attempts to reconstruct data that has been transferred via TFTP, and may be useful in some network forensics situations.
