Category Forensics

Process Hacker just updated to v1.9

Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.

Read More

Process Hacker v1.8 released

Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.

Read More

Mobius Forensic Toolkit v0.5 released

Mobius Forensic Toolkit is an open-source forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files, for easy integration with other tools.

Read More

log2timeline v0.40 released

log2timeline is a framework for artifact timeline creation and analysis. The main purpose is to provide a single tool to parse various log files and artifacts found on suspect systems (and supporting systems, such as network equipment) and produce a body file that can be used to create a timeline, using tools such as mactime from TSK, for forensic investigators.

Read More

NetworkMiner updated to v0.91

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network.

Read More

Process Hacker v1.7 released

Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.

Read More

iWatch v0.2.2 - realtime filesystem monitoring program

iWatch is a realtime filesystem monitoring program. Its purpose is to monitor any changes in a specific directory or file and send email notification immediately after the change.

Read More

Xplico v0.5.3 released

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT).

Read More

log2timeline v0.33b - artifact timeline creation and analysis

log2timeline is a framework for artifact timeline creation and analysis. The main purpose is to provide a single tool to parse various log files and artifacts found on suspect systems (and supporting systems, such as network equipment) and produce a body file that can be used to create a timeline, using tools such as mactime from TSK, for forensic investigators.

Read More

NetWitness v9.0 released

NetWitness NextGen is a comprehensive network security monitoring solution. Looking for insider threats, data leakage, malware activity, asset misuse, network anomalies, compliance, and network e-discovery.

Read More

NetworkMiner v0.90 released!

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network.

Read More

Enhanced Mitigation Evaluation Toolkit v1.0.2 released

Security mitigation technologies are technologies designed to make it more difficult for an attacker to exploit vulnerabilities in a given piece of software. The Enhanced Mitigation Evaluation Toolkit (EMET) is a toolkit that allows certain security mitigation technologies to be applied to user specified applications.

Read More

Oxygen Forensic Suite v2.4.1 - Mobile Forensic Software

Oxygen Forensic Suite 2 is a mobile forensic software that goes beyond standard logical analysis of cell phones, smartphones and PDAs. Using advanced proprietary protocols permits extract much more data than usually extracted by logical forensic tools, especially for smartphones.

Read More

Process Hacker Experimental release 1.6 available

Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.

Read More

Process Monitor v2.7 - Monitoring tool for Windows

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon.

Read More

Process Hacker v1.5 released

Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.

Read More

Digital Forensics Framework v0.4.3 available

DFF (Digital Forensics Framework) is a simple but powerfull open source tool with a flexible module system which will help you in your digital forensics works, including files recovery due to error or crash, evidence research and analysis, etc. The source code is written in C++ and Python, allowing performances and great extensibility

Read More

Mobius Forensic Toolkit updated to 0.4.8

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools

Read More

NetworkMiner v0.89 - Network Forensic Analysis Tool

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network.

Read More

Stoned Bootkit upgraded to v2.0

Stoned Bootkit is a new Windows bootkit which attacks all Windows versions from XP up to 7. It is loaded before Windows starts and is memory resident up to the Windows kernel. Thus Stoned gains access to the entire system. It has exciting features like integrated file system drivers, automatic Windows pwning, plugins, boot applications and much much more. The project is partly published as open source under the European Union Public License. Like in 1987, "Your PC is now Stoned! ..again".

Read More
1 1 | 2 | 3 | 4