Twenty Year Anniversary
Showing 1 - 25 of 147 RSS Feed

Forensics Files

GRR 3.2.3.2
Posted Jun 28, 2018
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: This is an off-schedule release with a fix for a client-repacking bug introduced in v3.2.3.0.
tags | tool, remote, web, forensics
systems | unix
MD5 | 7aa8402312de71d03f4fab72c0a59707
GRR 3.2.3.0
Posted Jun 25, 2018
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: UI improvements and bugfixes. Various other updates.
tags | tool, remote, web, forensics
systems | unix
MD5 | d71ddd87116451d074d7e6b62656bc4e
GRR 3.2.2.0
Posted Mar 13, 2018
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: As of this release, GRR's legacy asciidoc documentation (previously hosted on github) has been deleted. Various other updates.
tags | tool, remote, web, forensics
systems | unix
MD5 | 92d2386779334495d1f9004a47cd9c93
GRR 3.2.1.1
Posted Dec 12, 2017
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: The HTTPDatastore has been removed from GRR. GRR now supports MySQL out of the box (when installed from the server deb). Various other updates.
tags | tool, remote, web, forensics
systems | unix
MD5 | 93f67792eab4a629d4cd7ad2d68af5ae
Mobius Forensic Toolkit 1.0
Posted Nov 21, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Tons of changes to the C++ and python APIs. Various other changes.
tags | tool, python, forensics
MD5 | 87c57ac832fccbc31880ac0b718e0b04
Mobius Forensic Toolkit 0.5.31
Posted Sep 12, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Tons of changes to the C++ and python APIs. Various other changes.
tags | tool, python, forensics
MD5 | 215572240548fdb4ae6362967fe9963c
GRR 3.2.0.1
Posted Sep 10, 2017
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: Various updates.
tags | tool, remote, web, forensics
systems | unix
MD5 | 9b4d1aaf8704a076eaa56f7948e420e2
Mobius Forensic Toolkit 0.5.30
Posted Aug 9, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Tons of changes to the C++ and python APIs. Various other changes.
tags | tool, python, forensics
MD5 | 23ab1a4549b6f81b30af21dd884953ce
Mobius Forensic Toolkit 0.5.29
Posted Jul 5, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Tons of changes to the C++ and python APIs. Various other changes.
tags | tool, python, forensics
MD5 | e209c5f81785662ff1665b6a5859ca5d
Mobius Forensic Toolkit 0.5.28
Posted Jun 15, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: New extension gtk-report-dialog. Improvements in attribute-viewer and lshw-agent. Various other changes.
tags | tool, python, forensics
MD5 | 53152ed2bf330a6f792d962c03816bce
Mobius Forensic Toolkit 0.5.27
Posted Feb 1, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: New extension lshw-agent. Various other improvements.
tags | tool, python, forensics
MD5 | c63bfb52c519dbb44c724037201f6ede
Mobius Forensic Toolkit 0.5.26
Posted Oct 10, 2016
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Tons of C++ API changes. Various other improvements.
tags | tool, python, forensics
MD5 | c8cfc5982d32602b5f1b357feee8f245
Mobius Forensic Toolkit 0.5.25
Posted Jul 26, 2016
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Many updates to the C++ and python APIs. Various other improvements.
tags | tool, python, forensics
MD5 | 72611358478efed219baa6cb4fa4299a
GRR 3.1.0.2
Posted Jun 24, 2016
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: Added Chrome desktop notifications. Added ability to create a hunt from a flow. Various other updates.
tags | tool, remote, web, forensics
systems | unix
MD5 | 6b606ace12307bd1a789625928665a17
PoShFoTo - PowerShell Forensics Toolkit
Posted May 30, 2016
Authored by Mark Osborne

PoShFoTo is the PowerShell Forensics Toolkit, which contains a dozen PowerShell tools that allow you to do basic incident response and malware forensics. It includes Hex Dumper, Registry timeline generator, File timeline generator, and PE-block analyzer.

tags | tool, registry, forensics
MD5 | 673b2a4b87cedb101f9de66c93749bb4
Xplico Network Forensic Analysis Tool 1.1.2
Posted Feb 17, 2016
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: IPv4 defragmentation and CapAnalysis dissectors and dispatcher were changed.
tags | tool, imap, forensics
systems | linux
MD5 | 741633163c0619389b6c9554095f667c
Android Connections Forensics 1.0
Posted Dec 14, 2015
Authored by Itay Kruk | Site github.com

This tool enables a forensic investigator to map connections to originating processes on Android. It does not require root privileges but requires adb and usb debugging. It is meant to assist in detection of malicious APKs.

tags | tool, root, forensics
systems | unix
MD5 | 29f19dadbca5d6f4bd7417e53dab0d79
Mobius Forensic Toolkit 0.5.24
Posted Dec 3, 2015
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Many updates to the C++ and python APIs. Various other improvements.
tags | tool, python, forensics
MD5 | 900c5272996e4ade4536231c8b72ebc5
Xplico Network Forensic Analysis Tool 1.1.1
Posted Nov 2, 2015
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: Added MGCP dissector. IMAP bug fixed.
tags | tool, imap, forensics
systems | linux
MD5 | ce666a8bee310b268392ae99f51d67e5
Mobius Forensic Toolkit 0.5.23
Posted Oct 7, 2015
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Many updates to the C++ and python APIs. Various other improvements.
tags | tool, python, forensics
MD5 | e7ffc92206db9fb1c3e335bfe5516b3b
Mobius Forensic Toolkit 0.5.22
Posted Sep 9, 2015
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Updates to emule-agent. Various bug fixes and improvements.
tags | tool, python, forensics
MD5 | 6792dd1227dd15e3793015bc339211bf
Mobius Forensic Toolkit 0.5.21
Posted Oct 7, 2014
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Two new extensions. Multiple changes to hive-report and gtk-ui.
tags | tool, python, forensics
systems | unix
MD5 | 7e13f23c5b8fffada7033cba8c39c670
In Lieu Of Swap: Analyzing Compressed RAM In Mac OS X And Linux
Posted Aug 28, 2014
Authored by Andrew Case, Golden G. Richard III

Whitepaper called In lieu of swap: Analyzing compressed RAM in Mac OS X and Linux. This paper discusses the difficulty of analyzing swap files in more detail, the compressed RAM facilities in Mac OS X and Linux, and the author's new tools for analysis of compressed RAM. These tools are integrated into the open-source Volatility framework.

tags | paper, forensics
systems | linux, apple, osx
MD5 | fac4b2bf6db6bfdea8da11c5c3607f7d
Mobius Forensic Toolkit 0.5.20
Posted Jul 25, 2014
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: New extension cellphone-agent has been added. Various other UI and report model updates.
tags | tool, python, forensics
systems | unix
MD5 | daa112c8ebfcc090c16e2f04a3fb12cd
ChromeFreak Forensic Tool
Posted May 1, 2014
Authored by Osanda Malith

ChromeFreak is a python script that lets you look at history, downloads, bookmarks, and cookies for a given Chrome client.

tags | tool, python, forensics
MD5 | a160acf2a125b9982c38538a90269175
Page 1 of 6
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    3 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close