37 projects tagged "Forensics"

Download Website Updated 25 Oct 2007 TFTPgrab

Pop 13.93
Vit 1.00

TFTPgrab is a TFTP (Trivial File Transfer Protocol) stream extractor that reads from tcpdump/libpcap capture files. It attempts to reconstruct data that has been transferred via TFTP, and may be useful in some network forensics situations.

Download No website Updated 10 Apr 2014 Lynis

Pop 1,804.16
Vit 132.90

Lynis is an auditing and hardening tool for Unix derivatives like Linux/BSD/Solaris. It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Download Website Updated 09 Oct 2013 Mobius Forensic Toolkit

Pop 223.45
Vit 21.97

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Download Website Updated 06 Jan 2014 Xplico

Pop 447.86
Vit 21.79

Xplico is an IP traffic decoder that extracts data from an Internet traffic capture. From a pcap file, it can extract each email (POP, IMAP, and SMTP protocols), all HTTP content, VoIP calls (SIP, RTP, H323, MEGACO, MGCP), IRC, MSN, and so on. It isn't a packet sniffer or a network protocol analyzer, but rather an IP/Internet traffic decoder or network forensic analysis tool (NFAT).

Download Website Updated 30 Mar 2008 adelaide

Pop 21.26
Vit 1.00

Adelaide is a shell script to automate the checking of important files for unauthorized changes on Linux and Unix systems. It will email the system administrator with the details if anything has changed.

No download Website Updated 07 Apr 2008 Yet Another Flowmeter

Pop 32.59
Vit 1.00

Yet Another Flowmeter (YAF) is a tool for network flow capture, primarily designed to operate efficiently on white box hardware and generate IPFIX flow records. It is designed to operate primarily on Unix-based systems (including Mac OS X), and is supported by the Network Situational Awareness team at CERT.

No download Website Updated 02 Sep 2008 check_websites

Pop 22.36
Vit 1.45

check_websites is a very simple virus scanner for Web sites. It checks a document root directory for files with the .js extension and for codewords which might be a hint of defacement or SQL injection. This tool is made to run as a cronjob. There's no output on the screen, but it generates a logfile and mails output.

No download Website Updated 20 Sep 2011 picviz

Pop 48.83
Vit 2.43

Picviz is a parallel coordinates plotter which enables easy scripting from various types of input (such as tcpdump, syslog, iptables logs, or Apache logs) to visualize your data and discover interesting results quickly. Its primary goal is to graph data in order to be able to quickly analyze problems and find correlations among variables. With security analysis in mind, the program has been designed to be very flexible, able to graph millions of events.

Download Website Updated 18 Aug 2008 Cryptographic Implementations Analysis Too...

Pop 37.20
Vit 1.00

The Cryptographic Implementations Analysis Toolkit (CIAT) is a compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files (executable and non-executable). It is particularly helpful in the forensic analysis and reverse engineering of malware using cryptographic code and encrypted payloads.

Download Website Updated 19 Mar 2009 dc3dd

Pop 68.23
Vit 1.81

dc3dd is a patched version of GNU dd that includes a number of features useful for computer forensics.
