32 projects tagged "Forensics"

Download No website Updated 10 Apr 2014 Lynis

Pop 1,805.57
Vit 123.99

Lynis is an auditing and hardening tool for Unix derivatives like Linux/BSD/Solaris. It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Download Website Updated 09 Feb 2009 PTK

Pop 30.20
Vit 43.52

PTK is an alternative advanced interface for the TSK (The Sleuth Kit) suite. It was developed from scratch. Besides providing the functions already present in Autopsy, it implements numerous new features essential during forensic activity. PTK provides a graphical and highly professional interface based on AJAX technology. It also offers a wide range of features for the analysis, search, and management of complex digital investigation cases.

No download Website Updated 16 Aug 2009 LibForensics

Pop 20.49
Vit 41.31

LibForensics is a framework for developing digital forensics applications in Python.

Download No website Updated 13 Nov 2011 XtractCarver

Pop 25.40
Vit 29.77

Xtract attempts to demonstrate how Wireshark's powerful network traffic analysis capabilities can be combined with the file carving capabilities of programs such as Foremost and NetworkMiner in a manner that is portable and extensible (hence the choice of Perl). Specifically, it offers: automated extraction of network stream sessions; visualization of networks via GraphViz; and integration of file carving capability. The scripts are intended as a proof-of-concept for how tedious tasks of reassembling TCP/UDP streams from network capture files and file carving based on these streams can be automated.

Download Website Updated 09 Oct 2013 Mobius Forensic Toolkit

Pop 223.05
Vit 21.92

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Download Website Updated 06 Jan 2014 Xplico

Pop 447.30
Vit 21.68

Xplico is an IP traffic decoder that extracts data from an Internet traffic capture. From a pcap file, it can extract each email (POP, IMAP, and SMTP protocols), all HTTP content, VoIP calls (SIP, RTP, H323, MEGACO, MGCP), IRC, MSN, and so on. It isn't a packet sniffer or a network protocol analyzer, but rather an IP/Internet traffic decoder or network forensic analysis tool (NFAT).

Download Website Updated 17 Feb 2013 WTMParse

Pop 21.12
Vit 20.62

WTMParse is a script originally intended for use in forensic examinations. It parses WTMP files from Unix-like operating systems and generates a CSS-styled HTML report containing the login terminal, username, log start date, and login time/date in a table. It's useful for postmortem forensic examinations, or as a way of getting "last"-like information when you can't boot the machine in question but can obtain its wtmp file.

No download Website Updated 02 Oct 2011 RegLookup

Pop 134.52
Vit 7.23

The RegLookup project is devoted to direct analysis of Windows NT-based registry files. RegLookup provides command line tools, a C API, and a Python module for accessing registry data structures. The project has a focus on providing tools for digital forensic examiners (though it is useful for many purposes), and includes algorithms for retrieving deleted data structures from registry hives.

Download No website Updated 01 Mar 2013 Digital Forensics Framework

Pop 141.86
Vit 4.92

DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system that supports digital forensics work, including recovery of files lost through error or crash, evidence research and analysis, and similar tasks. DFF provides a robust architecture and a set of handy modules.

Download Website Updated 14 Feb 2013 mount_dd

Pop 89.49
Vit 3.89

Mount_dd is a GUI for mounting a raw image in GNOME. You can mount a dd image in read-write or read-only mode. ISO, .img, raw, .00x (split), EWF, and AFF formats can be mounted in read-only mode. You can also mount exFAT partitions in read-only mode.