5 projects tagged "Forensics"

Download Website Updated 06 Jan 2014 Xplico

Pop 449.68
Vit 21.19

Xplico is an IP traffic decoder that extracts data from an Internet traffic capture. From a pcap file, it can extract each email (POP, IMAP, and SMTP protocols), all HTTP content, VoIP calls (SIP, RTP, H323, MEGACO, MGCP), IRC, MSN, and so on. It isn't a packet sniffer or a network protocol analyzer, but rather an IP/Internet traffic decoder or network forensic analysis tool (NFAT).

Download Website Updated 07 Mar 2008 MITRE Honeyclient Project

Pop 92.34
Vit 1.82

A 'honeypot' is designed to detect server-side attacks. In contrast, a 'honeyclient' is designed to detect client-side attacks. Specifically, a honeyclient is a dedicated host that drives specially instrumented applications to access remote servers to see if those servers are behaving in a malicious manner (by compromising the client). Honeyclients can proactively detect exploits against client applications without known signatures. This framework uses a client-server model with SOAP messaging as the primary communication method, and uses the free version of VMware Server as a means of virtualizing the client environment.

Download Website Updated 19 Jan 2009 AirSAM

Pop 43.16
Vit 1.74

AirSAM is a desktop GUI that complements the Web-based Snort Alert Monitor. AirSAM gives up-to-date insight into who might be attacking your network. The ultimate goal is to give audio/visual cues right at the time of the attack. AirSAM is an Adobe Air application and should run on Mac OS, Linux, and Windows.

Download Website Updated 30 Mar 2008 adelaide

Pop 21.45
Vit 1.00

Adelaide is a shell script to automate the checking of important files for unauthorized changes on Linux and Unix systems. It will email the system administrator with the details if anything has changed.

No download Website Updated 07 Apr 2008 Yet Another Flowmeter

Pop 32.59
Vit 1.00

Yet Another Flowmeter (YAF) is a tool for network flow capture, primarily designed to operate efficiently on white box hardware and generate IPFIX flow records. It is designed to operate primarily on Unix-based systems (including Mac OS X), and is supported by the Network Situational Awareness team at CERT.
