exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 164 RSS Feed

Forensics Files

Malware Analyser 3.1
Posted Jun 12, 2011
Authored by Beenu Arora | Site malwareanalyser.com

Malware Analyser is freeware tool to perform static and dynamic analysis on malwares.

Changes: Added DLL analysis and batch mode scan.
tags | tool, forensics
SHA-256 | 3af0d1f22f3669d267dde29c93584f1f6061588dcdc62dde41660a76aec55d2b
Xplico Network Forensic Analysis Tool 0.6.3
Posted Jun 7, 2011
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: New decoding manager. WebMail scripts improved. HTTP dissector improved. Various other updates.
tags | tool, imap, forensics
systems | linux
SHA-256 | 9584997febad95cd2d8b0e720d1fa39deb130b51696db56b3b3a2ada95d5f395
Digital Forensics Framework 1.1.0
Posted May 25, 2011
Authored by Christophe M., Solal J. | Site digital-forensic.org

DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.

Changes: The GUI is now available in Chinese and also fully supports Unicode. An AFF dump connector has been added, based on AFFLib by Simson L. Garfinkel. Another new module allows you to extract mailbox contents from PST, OST, and PAB files, while also recovering deleted, orphaned files, and unallocated clusters, based on Joachim Metz's LibPFF. A new cache system was added for File Mapping and File Descriptor, and new time stamps handling was added. FAT orphaned files scan and attributes have been improved. A bug when adding devices and files on Windows several times has been fixed. FAT and NTFS modules have also been fixed.
tags | tool, forensics
systems | unix
SHA-256 | 0dab2e10f9c2cb2d1363b51284e9616725f85e84aea58719848f41626fa894d1
Peepdf PDF Analyzer 0.1
Posted May 10, 2011
Authored by Jose Miguel Esparza | Site peepdf.eternal-todo.com

peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it's possible to see all the objects in the document showing the suspicious elements, supports all the most used filters and encodings, it can parse different versions of a file, object streams and encrypted files. With the installation of Spidermonkey and Libemu it provides Javascript and shellcode analysis wrappers too. It's also able to create new PDF files and to modify existent ones.

tags | tool, javascript, shellcode, python, forensics
SHA-256 | d33183f26435322007fe6f34df27b06941c7bd1ea2307d6311f0d0bca46042eb
Xplico Network Forensic Analysis Tool 0.6.2
Posted May 3, 2011
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: l7-patterns for all flows/protocols not decoded by Xplico. Xplico Interface (XI) improved. Python3 porting of many script. Various other bug fixes.
tags | tool, imap, forensics
systems | linux
SHA-256 | b9516f367af7a347e61ade0106c508246b38cb4e1dcbece44616718b23a7badf
Malware Analyser 3.0
Posted Apr 21, 2011
Authored by Beenu Arora | Site malwareanalyser.com

Malware Analyser is freeware tool to perform static and dynamic analysis on malwares.

Changes: Added banking trojan traces and dynamic register analysis. Improved traces signatures. Various other updates.
tags | tool, forensics
SHA-256 | f0441c544a8826462e893ab8a63bb69a28c9d6e665cbbe115dcd76279374aa05
Malheur Malware Analyzer 0.5.0
Posted Apr 20, 2011
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: All configuration parameters can be specified on the command line. The manual page and documentation have been updated and extended. Minor bugs have been fixed.
tags | tool, forensics
systems | unix
SHA-256 | 3be1c2c3ddf9fa21e38ce94750996f036a69b033f1baf6d76c0a960a040fd74e
Mobius Forensic Toolkit 0.5.7
Posted Feb 28, 2011
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Six news registry reports were added - user assist, recent docs, product keys, O.S. folders, user logon info, and computer info. Minor improvements were made.
tags | tool, python, forensics
systems | unix
SHA-256 | 50c17be7feb4f17c9b55e331490c6fc1b4a79d0c13287fc82c168b7bccf58523
Mobius Forensic Toolkit 0.5.6.1
Posted Jan 19, 2011
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: A bug in the startup code for release 0.5.6 was fixed.
tags | tool, python, forensics
systems | unix
SHA-256 | 66a3930e270ce3dfd0eabe64b232e0422f037e386013002a79bcd3787ae0d318
Mobius Forensic Toolkit 0.5.6
Posted Jan 18, 2011
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: The Hive Report features 8 new registry reports: installed programs, storage devices, optical devices, network adapters, video adapters, imaging devices, monitor devices, and user passwords. The user passwords report shows LM and NT hashes unencrypted. Minor improvements and bugfixes were made.
tags | tool, python, forensics
systems | unix
SHA-256 | 1affca7df1e85871399ae4a82c53dab4e28a4bcc346d018de7f35a5dce58ef87
Digital Forensics Framework 0.9
Posted Jan 13, 2011
Authored by Christophe M., Solal J. | Site digital-forensic.org

DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.

tags | tool, forensics
systems | unix
SHA-256 | 7456c948b4e8fcbf26174784df3f5815475dcacc68a70f76e3281751c2c35856
Phorensix VoIP Forensics Tool For Asterisk 1
Posted Jan 11, 2011
Authored by Jesus Oquendo

Phorensix is a post-login VoIP forensics tool created for Asterisk (tested on Asterisk 1.4.5 to be exact). Phorensix takes a look at a rogue host connecting to a vulnerable account. Who is connecting, where are they coming from, what are they doing to my PBX, what are they doing ON MY PBX.

tags | tool, forensics
SHA-256 | c1c3095c55f2ee325938757792b91d6a8739f648eb60657a6fc3e8c534058355
Xplico Network Forensic Analysis Tool 0.6.1
Posted Dec 6, 2010
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: Paltalk dissector, MSN basic dissector, various bug fixes.
tags | tool, imap, forensics
systems | linux
SHA-256 | de0c57b37109cfbaba4a190e1ef6cb73c8ee928c13c75f4f313ed60987572116
Digital Forensics Framework 0.8
Posted Oct 28, 2010
Authored by Christophe M., Solal J. | Site digital-forensic.org

DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.

Changes: Ext2/3/4 and NTFS are now supported. The picture viewer now extracts thumbnails and EXIF metadata, and next and previous buttons are available. Linux live analysis is now possible. Browsers were enhanced. Widget management was improved. Menus were cleaned up. Live doc was enhanced by providing more information when calling "help(classname)" from the Python interpreter. The IDE now supports templates for new MFSO from v0.7.0. FAT FS manages recursion on deleted folders. A new statistic module was added, which produces a round chart listing the number of files by data type. A bindiff module was added, showing hex differences between two binary streams.
tags | tool, forensics
SHA-256 | 9d14ea628e736100b45e525fbce6d87eb7d25c5aae7d82b7953a4aa9389ac94b
Xplico Network Forensic Analysis Tool 0.6.0
Posted Oct 5, 2010
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: XI configuration and administrator pages have been added. IRC, ARP/RARP, radiotap and other dissectors have been added.
tags | tool, imap, forensics
SHA-256 | b19b074e421a326d04c0e311798ab6b4e157d9889a469732c033aaa433452907
Mobius Forensic Toolkit 0.5.5
Posted Oct 4, 2010
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: The Hive extension assembles the registry\'s logical structure, akin to that viewed with regedit. The new extension Hive Report adds report capabilities to the Hive extension. Three registry reports were added: OS information, user accounts and user profiles. The Report Viewer extension shows generated reports.
tags | tool, python, forensics
SHA-256 | ec65b64f4524a8a7deb461ff0b8df63db26df45397d7cee1b846bd19b53dd82f
Mobius Forensic Toolkit 0.5.4
Posted Aug 17, 2010
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Extensions are now deployed in .mobius files. This release features three new extensions: Datasource SCSI, for drag\'n\'drop of /dev/sd* files directly into case, Data Viewer, a hexviewer for case items, and Extension Manager. Floppy Imager has been improved and uses direct I/O only. Minor improvements were made.
tags | tool, python, forensics
SHA-256 | 8fece0be5e53840fa80529cdefbf4c44bef1b6da471218f38589fbe33c2e45bb
Malheur Malware Analyzer 0.4.8
Posted Aug 6, 2010
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: Support was added for shared n-grams: when identifying a cluster of similar malware behavior, Malheur allows you to extract a set of instructions shared by the members in the cluster.
tags | tool, forensics
SHA-256 | df152eb282e18a93d369d9d2a4b5080144ecc1e024ca75649e2b5307ca065711
Digital Forensics Framework 0.7.0
Posted Jul 26, 2010
Authored by Christophe M., Solal J. | Site digital-forensic.org

DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.

Changes: This release is dedicated to the DFRWS 2010 challenge. The API was rewritten to provide mapped file system objects, allowing data identification from a very low level. Attributes on nodes were improved, so any module can dynamically add its own attributes. Support was added for BSD systems. Many bugs were fixed. Graphical embellishments were made.
tags | tool, forensics
SHA-256 | fb2b7acd857cba9b4c1a757a137b0cca0e7013ec228cec1207e9e466749671c8
Xplico Network Forensic Analysis Tool 0.5.8
Posted Jun 30, 2010
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: RTP, FTP, Telnet, SIP dissectors improvements. Various bug fixes. New tool named trigcap to manage pcap.
tags | tool, imap, forensics
SHA-256 | 7774ae1bcb40d0442f751b75726b0656a983490e5d60ee1c82155d6d79878a4a
Xplico Network Forensic Analysis Tool 0.5.7
Posted May 10, 2010
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: This version introduces VoIP tapping and a new RTCP dissector.
tags | tool, imap, forensics
SHA-256 | 12d1f3f07bb25e1e6ecedc78701debec16990a61fbe6ae2031f65891235e796d
Process Dumper 1.1 Windows Version
Posted Apr 23, 2010
Authored by Tobias Klein

Process Dumper is able to make a dump of a running process in a forensical manner. Windows version.

tags | tool, forensics
systems | windows
SHA-256 | 4bc0e65d8f2c0bf6645f69209e08992fbcb9193f1f25e64e825c0275d08dca20
Process Dumper 1.1 Linux Version
Posted Apr 23, 2010
Authored by Tobias Klein

Process Dumper is able to make a dump of a running process in a forensical manner. Linux version.

tags | tool, forensics
systems | linux
SHA-256 | 4e60a60adc611b7b94aa58472701a8fe1f939fbf445141ab433d39f4ad84d3b7
Xplico Network Forensic Analysis Tool 0.5.6
Posted Apr 22, 2010
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: This version introduces RTP dissector, SIP dissector, SDP dissector, and the HTTP reconstruction file. Added undecodec UDP and TCP stream with textual content.
tags | tool, imap, forensics
SHA-256 | 709fcb2ff7efc6bb34aa3082f84cae7df7fc8afd585e2dd7b69faee598db9ab1
Mobius Forensic Toolkit 0.5.3
Posted Mar 28, 2010
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: This release introduces the Hive extension, a registry file browser/viewer. XML pickle now encodes arbitrary dictionaries and Python objects that have circular and self references.
tags | tool, python, forensics
SHA-256 | eac3c87a53ef8be8a49e6b33dbbfb2c839d678ceec6ca9581908f75f23675a94
Page 4 of 7
Back23456Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close