
Forensics Files

MP3nema Forensic Analysis Tool
Posted Apr 8, 2009
Authored by enferex | Site 757labs.com

MP3nema is a tool aimed at analyzing and capturing data that is hidden between frames in an MP3 file or stream, otherwise noted as "out of band" data. This utility also supports adding data between frames and capturing streaming audio.

Changes: This release uses a more portable version of the exit call.
tags | tool, forensics
SHA-256 | dd89b6669c9fac6dd190e92105d66d8f9f393fd2414137a01b9950a96aed15c0
Mobius Forensic Toolkit
Posted Mar 30, 2009
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: The part catalogue now imports and exports catalogues. Minor bugs were fixed.
tags | tool, python, forensics
SHA-256 | 7e2fdb114fdda4db65235e7225e982619612a6afd7c3a6a4a586fb161b731524
Xplico Internet Traffic Decoder With GUI
Posted Mar 16, 2009
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: This release introduces the MMS dissector. With this dissector it is possible to reconstruct the MMS message transported by the HTTP protocol and extract the media it contains. This release also introduces the generation of a geographical and temporal map (GeoMap) of the reconstructed data. The generated files are KML files and can be used with Google Earth.
tags | tool, imap, forensics
SHA-256 | 7ba1c4d05320cca514a145d5c8c6f913d21e5f7f72cd9d1dcb7d10c0333b5f5b
Xplico Internet Traffic Decoder
Posted Mar 16, 2009
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc.

Changes: This release introduces the MMS dissector. With this dissector it is possible to reconstruct the MMS message transported by the HTTP protocol and extract the media it contains. This release also introduces the generation of a geographical and temporal map (GeoMap) of the reconstructed data. The generated files are KML files and can be used with Google Earth.
tags | tool, imap, forensics
SHA-256 | ec89c87b5dacd6f201e2078550115234eed3074ba07c6eb7006c38acee229079
Xplico Network Forensics Analysis Tool 0.1
Posted Jan 12, 2009
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc.

Changes: Added the IMAP dissector.
tags | tool, imap, forensics
SHA-256 | 2c7281e26af9f4375f1fba80d772b37b730c87d38141e6995bc2ead45f2ef103
cadfile.zip
Posted Nov 26, 2008
Authored by David Litchfield | Site databasesecurity.com

Orablock allows a forensic investigator to dump data from a "cold" Oracle data file. There is no need to load the data file into the database, which would cause the data file to be modified, so using Orablock preserves the evidence. Orablock can also be used to locate "stale" data, that is, data that has been deleted or updated.

tags | tool, forensics
SHA-256 | c27a3adbdc20b162d44045a32dee98aa4c8cc3e34d7b97443c808d75c9a898ef
mp3nema-v0_2.tar.gz
Posted Nov 24, 2008
Authored by enferex | Site 757labs.com

MP3nema is a tool aimed at analyzing and capturing data that is hidden between frames in an MP3 file or stream, otherwise noted as "out of band" data. This utility also supports adding data between frames and capturing streaming audio.

Changes: Added wording to usage statement. Flushes out of band data file pointer when saving out of band data. Various other improvements.
tags | tool, forensics
SHA-256 | a4507d1404d7468df71c01e42cd42ee5594311ab6160300c3894c420dd2741e1
xplico-0.1_deft4.tgz
Posted Nov 24, 2008
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc.

Changes: Added the console-mode (shell) execution, IPP and PJL dissectors, and many improvements to the user interface.
tags | tool, imap, forensics
SHA-256 | e9affa27ef7ddc786623bc099107ff8fe82b57542c3cfaf3897cae51c7534a5f
msnshadow-0.3_beta.tar.bz2
Posted Oct 1, 2008
Authored by Gabriel Menezes Nunes | Site msnshadow.sourceforge.net

MSN Shadow is a forensics tool to analyze the MSN protocol. It has features such as: text sniffing, video sniffing, spoofing messages, hijacking sessions, shutdown users, save text sniffed in HTML format, save video sniffed in AVI format.

Changes: Adds the ability to capture contacts links, read pcap files, and detect video streams.
tags | tool, spoof, protocol, forensics
SHA-256 | e7331cd723d4ae95e29f6203b85b974961b0df0ff61cd4d3f7adb30da7c6d73c
mp3nema-v0_01.tar.gz
Posted Aug 18, 2008
Authored by enferex | Site 757labs.com

MP3nema is a tool aimed at analyzing and capturing data that is hidden between frames in an MP3 file or stream, otherwise noted as "out of band" data. This utility also supports adding data between frames and capturing streaming audio.

tags | tool, forensics
SHA-256 | 5d9dd671331feca67c471784ad3d257d4a8ef1bf1a7de712ee621a2fbf57f1f4
PDFResurrect PDF Analyzer 0.4
Posted Aug 13, 2008
Authored by enferex | Site 757labs.com

PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.

tags | tool, forensics
SHA-256 | 78f9e8b9424d30f7bfbee06a10ca6e39c49bc5d9376b6de1b76986f26d2912b0
xplico_phpgui-0.1_deft3x.tgz
Posted Jun 11, 2008
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

PHP GUI for the Xplico open source network forensic analysis tool.

tags | tool, php, forensics
SHA-256 | 5024a4a5896276b861c8306e55bd136b54baca47cab0878ca55ff8dc58c98957
xplico-0.1_deft3x.tgz
Posted Jun 11, 2008
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc.

tags | tool, imap, forensics
SHA-256 | 1a4ab3b53f981aa4022c3313865763c8b67fd5e63f859c3c62366a437817e5bc
metagoofil-1.4.tar.gz
Posted Apr 21, 2008
Authored by Christian Martorella | Site edge-security.com

Metagoofil is an information gathering tool designed for extracting the metadata of public documents (pdf, doc, xls, ppt, etc.) available on target/victim websites. It will generate an HTML page with the results of the extracted metadata, plus a list of potential usernames.

Changes: This new version extracts the MAC address of Microsoft Office documents. The output has some changes and some minor fixes have been implemented.
tags | tool, forensics
SHA-256 | 609b999c777eaefa1a6f699b9382a29688351d4b790e6939a48541f3e48bf378
SandMan-1.0.080226.zip
Posted Feb 27, 2008
Authored by Matthieu Suiche | Site sandman.msuiche.net

SandMan is a framework providing a C library and a Python port for reading and writing the Windows hibernation file.

tags | tool, python, forensics
systems | windows
SHA-256 | 27bb058fc6ce055eeda72be42b81eaf5940c929399142572a4444c77d81195f3
PExtractor_v0.18b_binary_and_src.rar
Posted Jan 25, 2008
Authored by Lympex | Site l-bytes.tk

PExtractor is a forensics tool that can extract all files from an executable file created by a joiner or similar.

tags | tool, forensics
SHA-256 | d56062cf1ab0f5323aba9e3a81dd0852581f7c1b341823615c4690370255642a
metagoofil-1.2.tar.gz
Posted Aug 28, 2007
Authored by Christian Martorella | Site edge-security.com

Metagoofil is an information gathering tool designed for extracting the metadata of public documents (pdf, doc, xls, ppt, etc.) available on target/victim websites. It will generate an HTML page with the results of the extracted metadata, plus a list of potential usernames.

tags | tool, forensics
SHA-256 | 8c49c6d124ce306d5ac93abcae29b512208692a266434423eb044eb6fd0e59fd
vinetto-beta-0.07.tar.gz
Posted Jun 20, 2007
Authored by rukin | Site vinetto.sourceforge.net

Vinetto is a tool intended for forensic examinations. It is a console program that extracts thumbnail images and their metadata from the thumbs.db files generated under Microsoft Windows. Vinetto works under Linux, Cygwin (win32) and Mac OS X.

tags | tool, forensics
systems | linux, windows, apple, osx
SHA-256 | 1dccf3385e5654d4cb3bbf6a757e3639b142249f8e4badbdc7f8f2388a1f6367
msnshadow-0.2-beta.tar.bz2
Posted May 31, 2007
Authored by Gabriel Menezes Nunes | Site msnshadow.sourceforge.net

MSN Shadow is a forensics tool to analyze the MSN protocol. It has features such as: text sniffing, video sniffing, spoofing messages, hijacking sessions, shutdown users, save text sniffed in HTML format, save video sniffed in AVI format.

tags | tool, spoof, protocol, forensics
SHA-256 | 3fbfe9ab9516006f29f16fa21536c097c3cce768db8ca4623f036940ab806be1
ftimes-3.8.0.tgz
Posted Apr 17, 2007
Authored by Klayton Monroe | Site ftimes.sourceforge.net

FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.

Changes: Various tweaks and enhancements.
tags | tool, forensics
SHA-256 | 8d25ea7a5778438fcee469f8824aa64b3a209769d358260e6c94a927e7064e58
IRCRv2.3.zip
Posted Nov 20, 2006
Authored by John McLeod | Site tools.phantombyte.com

The Incident Response Collection Report is a script to call a collection of tools that gathers and/or analyzes data on a Microsoft Windows system. You can think of this as a snapshot of the system in the past. Most of the tools are oriented towards data collection rather than analysis.

Changes: Fixed all path and command locations to meet Helix version 1.8 areas.
tags | tool, forensics
systems | windows
SHA-256 | ff88dae95bbb73013edae21fb9d6ff934a313cc33c486a6a5d15a9bd14318087
foremost-1.3.tar.gz
Posted Nov 2, 2006
Authored by Kris Kendall, Jesse Kornblum, Nick Mikus | Site foremost.sourceforge.net

Foremost is a console program that recovers files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc., or directly on a drive. The headers and footers can be specified by a configuration file, or you can use command line switches to specify built-in file types. These built-in types look at the data structures of a given file format, allowing for a more reliable and faster recovery. It was originally developed by the United States Air Force Office of Special Investigations and The Center for Information Systems Security Studies and Research.

tags | tool, forensics
SHA-256 | 3ea2ddd81247ef114be6f796cca86e1d2920dcb9b0d03212ec11aa71e4684c25
AtStakeTools.zip
Posted Oct 9, 2006
Site atstake.com

This is an archive of various @Stake tools that help perform vulnerability scanning and analysis, information gathering, password auditing, and forensics.

tags | tool, forensics
SHA-256 | 940a982de22b2a16a77c8a9239a4c129a32c00662e680f91e813279358ce0ef0
ftimes-3.7.0.tgz
Posted Jul 19, 2006
Authored by Klayton Monroe | Site ftimes.sourceforge.net

FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.

Changes: Removed the alpha designator.
tags | tool, forensics
SHA-256 | 767b58636f3812dbf89a9f1849e9568540a9f30648023bef95d7bab301c9fa37
vinetto-alpha-0.06.tar.gz
Posted May 9, 2006
Authored by rukin | Site vinetto.sourceforge.net

Vinetto is a tool intended for forensic examinations. It is a console program that extracts thumbnail images and their metadata from the thumbs.db files generated under Microsoft Windows. Vinetto works under Linux, Cygwin (win32) and Mac OS X.

tags | tool, forensics
systems | linux, windows, apple, osx
SHA-256 | 6e80e1f1e854bf73507fd122a85a405832ccd122a979b8774612f92a468fd939
packet storm

© 2022 Packet Storm. All rights reserved.