30 projects tagged "Forensics"

No download Website Updated 07 Oct 2008 FCCU GNU/Linux Forensic Bootable CD

Pop 207.98
Vit 3.88

FCCU GNU/Linux Forensic Bootable CD is a bootable CD based on Debian-live that contains a lot of tools suitable for computer forensic investigations, including bash scripts. Its main purpose is to create images of devices prior to analysis, and it is used by the Belgian Federal Computer Crime Unit.

Download Website Updated 22 Mar 2005 FCCU evtreader

Pop 69.20
Vit 1.42

FCCU evtreader is a forensic script made to parse MS Windows event log files.

No download Website Updated 02 Oct 2011 RegLookup

Pop 134.52
Vit 7.23

The RegLookup project is devoted to direct analysis of Windows NT-based registry files. RegLookup provides command line tools, a C API, and a Python module for accessing registry data structures. The project has a focus on providing tools for digital forensic examiners (though it is useful for many purposes), and includes algorithms for retrieving deleted data structures from registry hives.

Download Website Updated 23 Aug 2005 fccu-docprop

Pop 51.53
Vit 1.00

fccu-docprop is a command line utility that tries to print the properties of MS OLE files. MS OLE files are mainly MS Office DOC and XLS files. This software uses the libgsf library to get the metadata. This software can be used for forensic purposes.

Download No website Updated 01 Oct 2009 tableau-parm

Pop 51.85
Vit 1.72

tableau-parm is a small command-line utility designed to interact with Tableau forensic write blockers. It performs functions similar to the Tableau Disk Monitor, except that it operates under select UNIX platforms.

Download Website Updated 07 Mar 2008 MITRE Honeyclient Project

Pop 90.96
Vit 1.82

A 'honeypot' is designed to detect server-side attacks. In contrast, a 'honeyclient' is designed to detect client-side attacks. Specifically, a honeyclient is a dedicated host that drives specially instrumented applications to access remote servers to see if those servers are behaving in a malicious manner (by compromising the client). Honeyclients can proactively detect exploits against client applications without known signatures. This framework uses a client-server model with SOAP messaging as the primary communication method, and uses the free version of VMware Server as a means of virtualizing the client environment.

No download Website Updated 21 Aug 2007 Karmasphere Parallel Data Processing Language

Pop 66.45
Vit 1.00

The Karmasphere DP language is a high-performance non-blocking parallel language for performing data processing. It is designed to give the user a high degree of control over the usage of system resources, such as how many CPU cores or how much disk I/O time to use, without requiring the software developer to explicitly consider these issues in code. The implementation is a stand-alone library that can be used in any Java 1.5 environment. It can take full advantage of multiprocessor (SMP or NUMA) systems, and may be scaled sideways: since the interpreter and environment are stateless, an entire cluster of machines may run the interpreter in parallel without any need for synchronization.

No download Website Updated 29 Jan 2012 LynxFS

Pop 44.09
Vit 1.00

LynxFS is a filesystem driver for LynxOS filesystem images. It is based on FUSE. The LynxOS filesystem appears to be very similar to BSD's FFS. This driver may be of use to people inspecting or debugging embedded systems.

Download No website Updated 10 Apr 2014 Lynis

Pop 1,804.16
Vit 132.90

Lynis is an auditing and hardening tool for Unix derivatives like Linux/BSD/Solaris. It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Download Website Updated 09 Oct 2013 Mobius Forensic Toolkit

Pop 223.45
Vit 21.97

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
