DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.
b565474ab8ec094185c3cc0d027467bfdad87f3e9c5a2bd44f332997fdeb0b6e
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
3f591c7a631bafffaada2cfc5a79b9c4684f546ebd662c0ca097208d05d700f4
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
232ec5afa983cc8b501fa4e8ee80d6d1f37e86470769087221a285c808639184
Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.
f09e067a8a31743143add874ffdc7a4a5fd2f078cf7808c58fd8f79c9bd497d4
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
f88c29afdb78da90c0cd611ec1f656bd37756b57093938ba9140cb7a9074f11c
Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.
3530dccb3a426ab47e5db7746ea79e98d8e57353d7b1e19c0cba6da526dd3bc6
Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.
34da6bbc102ec549b6563c26b7f089d8f10c631825aacf6478c54cae6e058c02
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
73f9b69afe3b7c5c3c1b6f076a540b4124cf95293f3938097d054a9ee9edfbcd
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
ba639c28ebd94a99fdfc58fe1c3bc06fe46cdeb6bf11faa653ba673bc356f3e7
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.
a0ff0a8ec79bf6713fe5bd669e6ff55f9916ec2d34e69f219fc8a3fcb182a836
DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.
bef4666115dc841aa9261669119e5ee6e78da744fd55f10e95aa28b5d07cc1d8
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
1e946d6cb871e772b137783156bcec35490bf7a95c3c638abf9cd5fd9d358f6f
Midfp (Message-ID Fingerprinter) determines the mail client from the message-id which is included in an email. It analyzes the structure of the message-id and compares it with regular expressions against a database.
a19386eab491198b5cf2bc2b4bc7bcce52d33d930d405033f5efcddbd4e4edcb
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.
267e613adcd2e4def5a8b399243921d9e748a1b9c49c328a68a4fff6c8882117
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.
ad97a700df805201f0faf0f1f0121a46a4839f54351997009d49262a8e3e0f46
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
c07a1a76ace83e1800214c992eb7beeeefdcdb1f7b8761410f00f8e6374b13c2
This is the web UI for the Xplico network forensic analysis tool.
bc90beb54356bd5dc7ed1b1e5d00b6228776e240a62feab26eaf073ff4dd778c
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
0a3af6d2072476f7a6ebb7cbbf8f2c9a549d43bf4f2629909d37a1776ad823ba
This is a python script designed to analyze malware.
f77fb43fd86a787ae3fc329382c635e64ea97b2fd9947f2d04eb20033722e76a
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
6b323c151879df0235ac826d0da19c0807a4c8c456ea8b3f06911db87ebe8b16
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.
cf35a2dbcc6076011b5ad1bf115619a109832b123bfa84ba7d96cdbb3dba42cf
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.
1af5864d29cfa29e73e8fdb612863cb6cc7243b364b86a2f4ec81557fe2b39f4
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
611a13a8f77eb33fe60fee0b95debe97f1371b5a4230fa05aa07147cce079595
MP3nema is a tool aimed at analyzing and capturing data that is hidden between frames in an MP3 file or stream, otherwise noted as "out of band" data. This utility also supports adding data between frames and capturing streaming audio.
dd89b6669c9fac6dd190e92105d66d8f9f393fd2414137a01b9950a96aed15c0
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
7e2fdb114fdda4db65235e7225e982619612a6afd7c3a6a4a586fb161b731524