24 projects tagged "Security"
Updated 07 Oct 2008
FCCU GNU/Linux Forensic Bootable CD
| Pop | 243.33 |
|---|---|
| Vit | 4.03 |
FCCU GNU/Linux Forensic Bootable CD is a bootable CD based on Debian-live that contains a lot of tools suitable for computer forensic investigations, including bash scripts. Its main purpose is to create images of devices prior to analysis, and it is used by the Belgian Federal Computer Crime Unit.
Updated 22 Mar 2005
FCCU evtreader
| Pop | 78.80 |
|---|---|
| Vit | 1.42 |
FCCU evtreader is a forensic script made to parse MS Windows event log files.
Updated 02 Oct 2011
RegLookup
| Pop | 138.35 |
|---|---|
| Vit | 8.57 |
The RegLookup project is devoted to direct analysis of Windows NT-based registry files. RegLookup provides command line tools, a C API, and a Python module for accessing registry data structures. The project has a focus on providing tools for digital forensic examiners (though it is useful for many purposes), and includes algorithms for retrieving deleted data structures from registry hives.
Updated 20 Jun 2011
GrokEVT
| Pop | 118.09 |
|---|---|
| Vit | 6.09 |
GrokEVT is a collection of scripts built for reading Windows® NT/2K/XP/2K3 event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
Updated 23 Aug 2005
fccu-docprop
| Pop | 54.13 |
|---|---|
| Vit | 1.00 |
fccu-docprop is a command line utility that tries to print the properties of MS OLE files. MS OLE Files are mainly MS Office DOC and XLS files. This software uses the libgsf library to get the metadata. This software can be used for forensic purposes.
Updated 01 Oct 2009
tableau-parm
| Pop | 57.08 |
|---|---|
| Vit | 1.79 |
tableau-parm is an small commandline utility designed to interact with Tableau forensic write blockers. It performs functions similar to the Tableau Disk Monitor, except that it operates under select UNIX platforms.
Updated 07 Mar 2008
MITRE Honeyclient Project
| Pop | 112.25 |
|---|---|
| Vit | 1.83 |
A 'honeypot' is designed to detect server-side attacks. In contrast, a 'honeyclient' is designed to detect client-side attacks. Specifically, a honeyclient is a dedicated host that drives specially instrumented applications to access remote servers to see if those servers are behaving in a malicious manner (by compromising the client). Honeyclients can proactively detect exploits against client applications without known signatures. This framework uses a client-server model with SOAP messaging as the primary communication method, and uses the free version of VMware Server as a means of virtualizing the client environment.
Updated 21 Aug 2007
Karmasphere Parallel Data Processing Language
| Pop | 68.00 |
|---|---|
| Vit | 1.00 |
The Karmasphere DP language is a high-performance non-blocking parallel language for performing data processing. It is designed to give the user a high degree of control over the usage of system resources, such as how many CPU cores or how much disk I/O time to use, without requiring the software developer to explicitly consider these issues in code. The implementation is a stand-alone library that can be used in any Java 1.5 environment. It can take full advantage of multiprocessor (SMP or NUMA) systems, and may be scaled sideways: since the interpreter and environment are stateless, an entire cluster of machines may run the interpreter in parallel without any need for synchronization.
Updated 29 Jan 2012
LynxFS
| Pop | 50.00 |
|---|---|
| Vit | 1.00 |
LynxFS is a filesystem driver for LynxOS filesystem images. It is based on FUSE. The LynxOS filesystem appears to be very similar to BSD's FFS. This driver may be of use to people inspecting or debugging embedded systems.
Updated 23 May 2008
msn-proxy
| Pop | 92.56 |
|---|---|
| Vit | 1.51 |
The msn-proxy is a lightweight transparent proxy for MSN Messenger clients. It allows you to control and monitor the use of Messenger on your network.
