Showing 1 - 5 of 5

Files from Dan Farmer

First Active	1999-08-17
Last Active	2004-11-19

tct-1.15.tar.gz: Posted Nov 19, 2004; Authored by Dan Farmer, Wietse Venema | Site porcupine.org; TCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, Solaris, and SunOS. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.; Changes: Big bug fixes, and really cool new features. Everyone needs to download and use this, right now. Do not delay.; tags | tool; systems | linux, unix, solaris, bsd; SHA-256 | 4c8e343453332bd1fdf0627f9b888e2a4f597e70b367f124cc7f2562558213a1; Download | Favorite | View

tct-1.09.tar.gz: Posted Dec 18, 2001; Authored by Dan Farmer, Wietse Venema | Site porcupine.org; TCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, Solaris, and SunOS. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.; Changes: Added large file support for linux. Fixed a bad off by one bug in unrm. New grave-robber -I option for better control of icat/pcat. Fixed lots of bugs. Updated documentation.; tags | tool; systems | linux, unix, solaris, bsd; SHA-256 | 40c43f9dd527192a2d17123c639020ca7431eb4a2af3dc31432c14373fcc0856; Download | Favorite | View

tct-1.05.tar.gz: Posted Jan 26, 2001; Authored by Dan Farmer, Wietse Venema | Site porcupine.org; TCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, Solaris, and SunOS. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.; Changes: Fixes for the grave robber, added more switches, SunOS support added, and lots more misc fixes!; tags | tool; systems | linux, unix, solaris, bsd; SHA-256 | e4438d2f382400b4536a7defbae70fd2a6c1e333051c013b1c5bebb0630a46cd; Download | Favorite | View

tct-1.0.tar.gz: Posted Aug 1, 2000; Authored by Dan Farmer, Wietse Venema | Site porcupine.org; TCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, and Solaris. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.; tags | tool; systems | linux, unix, solaris, bsd; SHA-256 | fce955a06d118664ebcbb0d9360ef897a8c0150f57b63742153a2faa4d4d662b; Download | Favorite | View

cops_dan_farmer.txt: Posted Aug 17, 1999; Authored by Dan Farmer; Cops and Robbers.; systems | unix; SHA-256 | caf47149c569124818a58fd9ed0e26c78ca1419aa2e179bf6d545d84ed239215; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days