Showing 26 - 50 of 164

Forensics Files

Mobius Forensic Toolkit 0.5.29
Posted Jul 5, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Tons of changes to the C++ and Python APIs. Various other changes.
tags | tool, python, forensics
SHA-256 | f9daa3938a428933d87d2f38eacb02277da3445ce8d514999769195bbafa2057
Mobius Forensic Toolkit 0.5.28
Posted Jun 15, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: New extension gtk-report-dialog. Improvements in attribute-viewer and lshw-agent. Various other changes.
tags | tool, python, forensics
SHA-256 | 1bb65be90903eee45e15d24af2b6c0dd010d78e1b445c853660193498c6eb8f8
Mobius Forensic Toolkit 0.5.27
Posted Feb 1, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: New extension lshw-agent. Various other improvements.
tags | tool, python, forensics
SHA-256 | 5d1cc57b1cde53ab593b0b89c3617da3df857eb179522dce6f782dd71400eac5
Mobius Forensic Toolkit 0.5.26
Posted Oct 10, 2016
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Tons of C++ API changes. Various other improvements.
tags | tool, python, forensics
SHA-256 | 67612cefb5ed1c2a8bd34eb1e694adb0deab7abb0041128461794289f0d55190
Mobius Forensic Toolkit 0.5.25
Posted Jul 26, 2016
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Many updates to the C++ and Python APIs. Various other improvements.
tags | tool, python, forensics
SHA-256 | 8ea6f97365251b45ba9c6309e8b51366f74ef9536f1dad257d2ef65b930d88fa
GRR 3.1.0.2
Posted Jun 24, 2016
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. The GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, the GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading a file, listing a directory, etc. The GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides a web-based graphical user interface and an API endpoint that allow analysts to schedule actions on clients and view and process collected data.

Changes: Added Chrome desktop notifications. Added ability to create a hunt from a flow. Various other updates.
tags | tool, remote, web, forensics
systems | unix
SHA-256 | cebdc54c08fbf73c1dc36e7ad084e8d5637c9e8d3bc4821717eb8182601860b2
PoShFoTo - PowerShell Forensics Toolkit
Posted May 30, 2016
Authored by Mark Osborne

PoShFoTo is the PowerShell Forensics Toolkit, which contains a dozen PowerShell tools that allow you to do basic incident response and malware forensics. It includes Hex Dumper, Registry timeline generator, File timeline generator, and PE-block analyzer.

tags | tool, registry, forensics
SHA-256 | 2516e4a082ce0e53db6d6ba8ddfba777505de06d31bfefcccdabcff2c0057a2b
Xplico Network Forensic Analysis Tool 1.1.2
Posted Feb 17, 2016
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: IPv4 defragmentation and CapAnalysis dissectors and dispatcher were changed.
tags | tool, imap, forensics
systems | linux
SHA-256 | 08cc8bbae705e5ea3643d876e93b0dd14dd593595de0ae6ecf6a1089a056af25
Android Connections Forensics 1.0
Posted Dec 14, 2015
Authored by Itay Kruk | Site github.com

This tool enables a forensic investigator to map connections to originating processes on Android. It does not require root privileges but requires adb and USB debugging. It is meant to assist in detection of malicious APKs.

tags | tool, root, forensics
systems | unix
SHA-256 | eedc44e09534f1c71557e98530d738af8b8bd453581549b3ddb72e95a6d93ed0
Mobius Forensic Toolkit 0.5.24
Posted Dec 3, 2015
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Many updates to the C++ and Python APIs. Various other improvements.
tags | tool, python, forensics
SHA-256 | e29a9ddd3c50a61497594dbfeb1263ace0bbd21f51b26e136d50480e96a396d4
Xplico Network Forensic Analysis Tool 1.1.1
Posted Nov 2, 2015
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: Added MGCP dissector. IMAP bug fixed.
tags | tool, imap, forensics
systems | linux
SHA-256 | 81bb75ca79ffbb80d1cd1cbf1eb4137bd99bcdef18081279196a64b53a6b67f0
Mobius Forensic Toolkit 0.5.23
Posted Oct 7, 2015
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Many updates to the C++ and Python APIs. Various other improvements.
tags | tool, python, forensics
SHA-256 | 3e44a05f0eedbc975caae05e97abba4180b1ee68cd57e805f9a6f4b5ee24874d
Mobius Forensic Toolkit 0.5.22
Posted Sep 9, 2015
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Updates to emule-agent. Various bug fixes and improvements.
tags | tool, python, forensics
SHA-256 | ae57c8a21c2d227c1da015994adc64253f0e248b89f387015b92bfbd5c8afc05
Mobius Forensic Toolkit 0.5.21
Posted Oct 7, 2014
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Two new extensions. Multiple changes to hive-report and gtk-ui.
tags | tool, python, forensics
systems | unix
SHA-256 | 5afbe6c5e0bd259d772e5a5cbb4b8ccce42387b7797d12701a68c272424f3faa
In Lieu Of Swap: Analyzing Compressed RAM In Mac OS X And Linux
Posted Aug 28, 2014
Authored by Andrew Case, Golden G. Richard III

Whitepaper called In lieu of swap: Analyzing compressed RAM in Mac OS X and Linux. This paper discusses the difficulty of analyzing swap files in more detail, the compressed RAM facilities in Mac OS X and Linux, and the authors' new tools for analysis of compressed RAM. These tools are integrated into the open-source Volatility framework.

tags | paper, forensics
systems | linux, apple, osx
SHA-256 | 1ddd0eee0008fb9756e99dd2a397a4b85daab9c0e6c31fc8bc3ada8fb8ea862a
Mobius Forensic Toolkit 0.5.20
Posted Jul 25, 2014
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: New extension cellphone-agent has been added. Various other UI and report model updates.
tags | tool, python, forensics
systems | unix
SHA-256 | 3a8266ae401d355298c31567df9ddb852a88a6a4a046df54bb7ff50e1cacccaf
ChromeFreak Forensic Tool
Posted May 1, 2014
Authored by Osanda Malith

ChromeFreak is a Python script that lets you look at history, downloads, bookmarks, and cookies for a given Chrome client.

tags | tool, python, forensics
SHA-256 | 04ef8fca4c69d704bdadc41914416652c14a94a72450dca294bcd9fe0180976d
SkypeFreak Forensic Tool
Posted Mar 21, 2014
Authored by Osanda Malith

This tool can be used to enumerate Skype user profiles, contacts, messages, and calls from the main.db file. It is an automated, easy-to-use application for forensic spelunking of Skype data.

tags | tool, forensics
SHA-256 | c5eb5f2d1fcead4e96207e4b85959a611b231d00883e83e72cbcb504f8e2d96d
Busybox Statically Compiled With Ash
Posted Mar 12, 2014
Authored by Maximilian S Burkhardt, Denys Vlasenko | Site busybox.net

This is a statically compiled version of Busybox that contains multiple built-in utilities including the ash shell. It was created with forensics use cases in mind.

tags | tool, shell, forensics
SHA-256 | ad78938a532173ac62ba2999a6361d901885ce4ddbd6a37f3f768f2cc722abb0
Xplico Network Forensic Analysis Tool 1.1.0
Posted Jan 7, 2014
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: This release improves performance, and adds the new dissectors Yahoo Messenger, Cisco HDLC, and Null/Loopback. The nDPI library has been updated. Alice Webmail and Libero Webmail decoding have been added.
tags | tool, imap, forensics
systems | linux
SHA-256 | 3e0854ca7338efe0a0688525ac09c015a0cf8cc16db0840fa5c65351038594ac
Malheur Malware Analyzer 0.5.4
Posted Dec 25, 2013
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: Support for the new version of libarchive has been added. Minor bugs have been fixed.
tags | tool, forensics
systems | unix
SHA-256 | bb3db24ceb168a4ff7687bd7d877b71a411226d83905158d3b5d10be38c9b052
Mobius Forensic Toolkit 0.5.19
Posted Oct 9, 2013
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: The partition-agent extension automatically adds partitions to the case when a data source is set. New registry report: "Shared Folders". Minor improvements have been made.
tags | tool, python, forensics
systems | unix
SHA-256 | ffe982babe45ec9f674c2df0bd0a79f87feded95e42a590feafaba4dbd11c5e7
Mobius Forensic Toolkit 0.5.18
Posted Apr 23, 2013
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: This release features the new Gigatribe Agent extension, an extension to browse Gigatribe chat files. Five new registry reports have been added to the hive-report extension: Gigatribe accounts, Gigatribe download folders, Gigatribe requested passwords, Ares Search History, and Wifi Network List. Minor improvements and bugfixes have been made.
tags | tool, python, forensics
systems | unix
SHA-256 | 3abe6e1063e80a66c609e4a0d369660588bfdefb8c8fff994d8199dab739ca5e
FTimes 3.10.0
Posted Apr 9, 2013
Authored by Klayton Monroe | Site ftimes.sourceforge.net

FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.

Changes: The code was cleaned up and refined as necessary. Several bugs have been fixed. This release includes updated support for file hooks and introduces KL-EL-based XMagic. Consequently, the minimum required version of libklel has been raised to 1.1.0, which has a library version of 2:0:1. File system support for SquashFS was added.
tags | tool, forensics
systems | linux
SHA-256 | 3bd4a66c685e365d0dc4f74edaf220808530d75e78fa0246c7727d5597e95af2
F0xChas3r Firefox Forensic Tool
Posted Apr 5, 2013
Authored by Andy Yang

F0xChas3r is a forensic tool for extracting and viewing internet artifacts from Mozilla Firefox. The internet artifacts include bookmark, auto-complete, download, cookie, DomStorage, history, extension and cache records. All output is saved to a CSV file with UTC times.

tags | tool, forensics
SHA-256 | 4fa6d2540816014047006fa13458ba935ad5850ee82f723dfaee600cd085fe5a
© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close