7 projects tagged "Forensics"

Lynis (updated 10 Apr 2014; download available, no website)


Lynis is an auditing and hardening tool for Unix derivatives like Linux/BSD/Solaris. It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

gpart (updated 06 Dec 2013; download available, no website)


Gpart is a small tool which tries to guess which partitions are on a PC hard disk in case the primary partition table was damaged. It works by scanning through the device (or file) given on the command line on a sector-by-sector basis. Each guessing module is asked whether it thinks a filesystem it knows about could start at a given sector. Several filesystem guessing modules are built in, and others can be added dynamically.

WTMParse (updated 17 Feb 2013; download and website available)


WTMParse is a script originally intended for use in forensic examinations. It parses WTMP files from Unix-like operating systems and generates a CSS-styled HTML report containing the login terminal, username, log start date, and login time/date in a table. It is useful for postmortem forensic examinations, or as a way of getting "last"-like information when you cannot boot the machine in question but can obtain a copy of its wtmp file.

RegLookup (updated 02 Oct 2011; website available, no download)


The RegLookup project is devoted to direct analysis of Windows NT-based registry files. RegLookup provides command line tools, a C API, and a Python module for accessing registry data structures. The project has a focus on providing tools for digital forensic examiners (though it is useful for many purposes), and includes algorithms for retrieving deleted data structures from registry hives.

dc3dd (updated 19 Mar 2009; download and website available)


dc3dd is a patched version of GNU dd that adds a number of features useful for computer forensics.

PTK (updated 09 Feb 2009; download and website available)


PTK is an alternative advanced interface for TSK (The Sleuth Kit). It was developed from scratch. Besides providing the functions already present in Autopsy, it implements numerous new features essential to forensic work. PTK provides a graphical and highly professional interface based on AJAX technology, and offers many features such as analysis, search, and management of complex digital investigation cases.

Yet Another Flowmeter (updated 07 Apr 2008; website available, no download)


Yet Another Flowmeter (YAF) is a tool for network flow capture, primarily designed to operate efficiently on white box hardware and generate IPFIX flow records. It is designed to operate primarily on Unix-based systems (including Mac OS X), and is supported by the Network Situational Awareness team at CERT.
