15 projects tagged "Linux"
Updated 01 Mar 2013
Digital Forensics Framework
| Pop | 249.46 |
|---|---|
| Vit | 9.91 |
DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.
Updated 24 Feb 2013
ANNFiD
| Pop | 107.98 |
|---|---|
| Vit | 1.20 |
ANNFiD is an experimental forensic tool that identifies file types using neural networks. A GUI tool is used to train the network for new file types. It is intended to be used to determine the nature of corrupted files.
Updated 30 Oct 2012
Xplico
| Pop | 285.20 |
|---|---|
| Vit | 13.79 |
Xplico is an IP traffic decoder that extracts data from an Internet traffic capture. From a pcap file, it can extracts each email (POP, IMAP, and SMTP protocols), all HTTP content, VoIP calls (SIP, RTP, H323, MEGACO, MGCP), IRC, MSN, and so on. It isn't a packet sniffer or a network protocol analyzer, but rather an IP/Internet traffic decoder or network forensic analysis tool (NFAT).
Updated 29 Jan 2012
LynxFS
| Pop | 49.80 |
|---|---|
| Vit | 1.00 |
LynxFS is a filesystem driver for LynxOS filesystem images. It is based on FUSE. The LynxOS filesystem appears to be very similar to BSD's FFS. This driver may be of use to people inspecting or debugging embedded systems.
Updated 20 Jun 2011
GrokEVT
| Pop | 118.49 |
|---|---|
| Vit | 6.08 |
GrokEVT is a collection of scripts built for reading Windows® NT/2K/XP/2K3 event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
Updated 01 Oct 2009
tableau-parm
| Pop | 56.87 |
|---|---|
| Vit | 1.79 |
tableau-parm is an small commandline utility designed to interact with Tableau forensic write blockers. It performs functions similar to the Tableau Disk Monitor, except that it operates under select UNIX platforms.
Updated 19 Mar 2009
dc3dd
| Pop | 83.71 |
|---|---|
| Vit | 1.82 |
dc3dd is a patched version of GNU dd to include a number of features useful for computer forensics.
Updated 09 Feb 2009
PTK
| Pop | 32.86 |
|---|---|
| Vit | 39.53 |
PTK is an alternative advanced interface for the TSK (The Sleuth Kit) suite. It was developed from scratch. Besides providing the functions already present in Autopsy, it implements numerous new features essential during forensic activity. PTK provides a graphical and highly professional interface based on AJAX technology. It also offers a great deal of features like analysis, search, and management of complex cases of digital investigation.
Updated 18 Aug 2008
Cryptographic Implementations Analysis Too...
| Pop | 45.87 |
|---|---|
| Vit | 1.00 |
The Cryptographic Implementations Analysis Toolkit (CIAT) is a compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files (executable and non-executable). It is particularly helpful in the forensic analysis and reverse engineering of malware using cryptographic code and encrypted payloads.
Updated 23 May 2008
msn-proxy
| Pop | 91.78 |
|---|---|
| Vit | 1.51 |
The msn-proxy is a lightweight transparent proxy for MSN Messenger clients. It allows you to control and monitor the use of Messenger on your network.
