Top 7 Most Popular and Best Cyber Forensics Tools

We often watch experts in movies using forensic tools for their investigations, but which cyber forensic tools are actually used by experts? Well, here are the top 7 cyber forensic tools preferred by specialists and investigators around the world. “Torture the data and it will confess to anything” (Ronald Coase). Cyber forensics: As the title says, it is […]

Forensics report of WordPress hacked site

This post details the forensics performed by an information security training professional during the clean-up operation. The expert also notes specific WordPress security recommendations based on the analysis. Background: The client had recently registered a new domain name, set up some webspace on their VPS and then manually started installing the most recent version of WordPress. Before completing the install […]

Live Forensics Analysis with Computer Volatile Memory

The field of computer forensics analysis involves identifying, extracting, documenting, and preserving information that is stored or transmitted in electronic or magnetic form (that is, digital evidence). Forensics Analysis – Volatile Data: The data that is held in temporary storage in the system’s memory (including random access memory, cache memory, and the onboard memory of […]

Linux Expl0rer – Easy-To-Use Live Forensics Toolbox For Linux Endpoints

Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask. Capabilities: ps (view full process list; inspect process memory map & fetch memory strings easily; dump process memory in one click; automatically search hash in public services such as VirusTotal and AlienVault OTX), users (users list), find (search for suspicious files by name/regex), netstat, Whois, logs […]

Process Doppelgänging Attack Works on All Versions of Windows, Evades AV Products and Forensics Tools

Security researchers from endpoint security firm enSilo discovered a new evasion technique dubbed Process Doppelgänging, which works on all versions of Windows and can evade well-known security products and forensics tools. Doppelgänging was introduced at Black Hat Europe 2017; with it, they load and execute arbitrary code as if it were a legitimate process. It is similar to Process […]

srum-dump – A Forensics Tool to Convert the Data in the Windows SRUM

srum-dump: This program will create an Excel spreadsheet containing forensics artifacts contained in the SRUM (System Resource Utilization Manager) database. The program can be run with no input and it will prompt you for each of the needed arguments. The program requires two inputs. The first is an SRUM database. The SRUM database is usually Windows\system32\sru\SRUDB.dat. […]

Pac4Mac – Forensics Framework for Mac OS X

Pac4Mac is a portable forensics framework (to launch from USB storage) allowing extraction and analysis of session information, highlighting the real risks in terms of information leakage (history, passwords, technical secrets, business secrets, …). It can be used to check the security of your Mac OS X system or to help you during a forensics investigation. […]

OSXAuditor – Free Mac OS X Computer Forensics Tool

OS X Auditor is a free Mac OS X computer forensics tool. OS X Auditor parses and hashes the following artifacts on the running system or on a copy of a system you want to analyze: the kernel extensions, the system agents and daemons, the third party’s agents and daemons, the old and deprecated system and […]

Nzyme – Wireless Monitoring, Intrusion Detection & Forensics

Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog (open source log management) setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode. Think of it as a long-term (months or years) distributed Wireshark/tcpdump that can be analyzed and filtered […]

Memoryze – Memory Forensics Tool

Memoryze is free memory forensics software that helps incident responders find evil in live memory. It can acquire and/or analyze memory images and, on live systems, can include the paging file in its analysis. Memoryze can: image the full range of system memory (no reliance on API calls); image a process’ entire address space to […]

DEFT “Zero” Linux 2017.1 Lightweight Digital Forensics Distro

DEFT (Digital Evidence & Forensics Toolkit) is a Linux distribution developed to cater to the needs of professionals and non-experts who need to gather and preserve digital evidence. This free and open source operating system comes loaded with some of the best open source applications for computer forensics. The developers of DEFT recently released DEFT Zero, […]

Ghiro – Automated Digital Image Forensics Tool

Ghiro is open source software for digital photo and digital image forensics. The forensic analysis is fully automated, and report data can be searched or aggregated from different perspectives. It is designed to assist you in analyzing a massive amount of images and could become an essential tool in your forensic lab. Since […]

OS X Auditor – Mac Forensics Tool

OS X Auditor is a free Mac OS X computer forensics tool. It parses and hashes the following artifacts on the running system or on a copy of a system you want to analyze: the kernel extensions, the system agents and daemons, the third party’s agents and daemons, the old and deprecated system and third party’s […]

Debian GNU/Linux 9 “Stretch” Will Ship With New Digital Forensics Tools

Last week, we told you about the announcement of the release date of the Debian 9.0 Stretch GNU/Linux distro. According to the announcement, Debian 9.0 is slated to arrive on June 17, 2017. Prior to that, another exciting development took place in the Debian world in the form of the release of the systemd-free Devuan 1.0.0 distro. Debian […]

Meterpreter Payload Detection – Tool for Detecting Meterpreter in Memory, Like an IPS/IDS and Forensics Tool

Meterpreter_Payload_Detection.exe is a tool for detecting Meterpreter in memory, like an IPS/IDS and forensics tool. DOWNLOAD Meterpreter_Payload_Detection: https://github.com/DamonMohammadbagher/Meterpreter_Payload_Detection. CREDITS: DamonMohammadbagher. Install Notes: Download Meterpreter_Payload_Detection; compile the C# code or unzip release_v1.0.0.4; run Meterpreter_Payload_Detection.exe. If you liked this software, please consider leaving a star and forking the software on GitHub. C# code author: Damon Mohammadbagher. Meterpreter signature authors: Rohan […]

Cellebrite digital forensics tools leaked online by a reseller

The firmware used by the Israeli mobile forensics firm Cellebrite was leaked online by one of its resellers, McSira Professional Solutions. Do you know Cellebrite? It is an Israeli firm that designs digital forensics tools used by law enforcement and intelligence agencies to examine mobile devices in investigations. It became famous when […]

Hack Like a Pro: Digital Forensics for the Aspiring Hacker

In this tutorial, we will explore where and what information the forensic investigator can find about the activities of the suspect in their web browser. It’s important to note that this information will vary by operating system and browser. Here we will look briefly at Internet Explorer and go into a bit more depth on […]

Security firm sued for filing “woefully inadequate” forensics report

Hacked casino operator alleges breach continued while Trustwave was investigating. A Las Vegas-based casino operator has sued security firm Trustwave for conducting an allegedly “woefully inadequate” forensics investigation that missed key details of a network breach and allowed credit card thieves to maintain their foothold during the course of the two-and-a-half-month investigation. In a legal […]

Complete Guide to Anti-Forensics – Leave no trace

The average personal computer is a security nightmare, but what if I were to tell you there was a way around this, a way to make Windows secure? VPNs, proxies, and Tor only get you so far, but what do you do when they’ve traced it to your computer? Anti-forensics are designed […]