Browsing tag

forensics

Swap Digger – Tool That Automates Swap Extraction And Searches For User Credentials, Web Forms Credentials, Emails, Http Authentication, Wifi SSID And Keys, Etc

swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purposes. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSIDs and keys, etc. Download and run the tool On your machine Use the following commands to download and […]
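The kind of search swap_digger automates, as an added example rather than the tool's own code: locate the active swap backing stores from /proc/swaps, stream the device (or a dd image) in chunks, pull printable runs the way strings(1) does, and match them against a few narrow patterns for the artifact classes listed above (shadow entries, HTTP Basic headers, wpa_supplicant ssid/psk lines, URL-encoded login forms). The regexes, the chunk/overlap sizes and the sample swap bytes are this example's own assumptions, not taken from swap_digger.

```python
"""Swap credential hunting in the spirit of swap_digger (added example, not the tool's code)."""
import base64
import re
import sys
from urllib.parse import unquote_plus

# Printable runs of at least MIN_LEN bytes: the same thing strings(1) emits.
MIN_LEN = 6
PRINTABLE = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)

# One regex per artifact class (this example's own).  They are deliberately
# narrow to keep false positives down when run over gigabytes of swap.
SHADOW = re.compile(rb"^([a-z_][a-z0-9_-]*):(\$(?:1|2[aby]?|5|6|y)\$[^:]+):(?:\d*:){6}")
BASIC_AUTH = re.compile(rb"Authorization: Basic ([A-Za-z0-9+/=]{8,})")
WIFI_SSID = re.compile(rb'\bssid="([^"]+)"')
WIFI_PSK = re.compile(rb'\bpsk="([^"]+)"')
WEB_FORM = re.compile(rb"(?:^|&)(?:user(?:name)?|login|email)=([^&]+)&pass(?:word|wd)?=([^&]+)")

# Constructed sample of what a swap image can contain; not from a real host.
SAMPLE_HASH = b"$6$saltsalt$" + b"h" * 86
SAMPLE_SWAP = (
    b"\x00\x00\x7fELF\x00"
    + b"alice:" + SAMPLE_HASH + b":19000:0:99999:7:::\x00"
    + b"\x01\x02Authorization: Basic YWxpY2U6aHVudGVyMg==\r\n\x00"
    + b'network={\n\tssid="CorpWiFi"\n\tpsk="correct horse battery"\n}\x00'
    + b"username=bob&password=s3cret%21&login=1\x00"
)
SAMPLE_PROC_SWAPS = (
    "Filename\t\t\t\tType\t\tSize\tUsed\tPriority\n"
    "/dev/sda2                               partition\t8388604\t0\t-2\n"
    "/swapfile                               file\t\t2097148\t0\t-3\n"
)


def parse_proc_swaps(text):
    """Return the devices and files backing active swap, as listed in /proc/swaps."""
    return [line.split()[0] for line in text.splitlines()[1:] if line.strip()]


def scan_swap(data):
    """Return credential-looking strings found in raw swap bytes, grouped by class."""
    found = {"shadow": [], "basic_auth": [], "wifi_ssid": [], "wifi_psk": [], "web_form": []}
    for s in PRINTABLE.findall(data):
        if m := SHADOW.search(s):
            found["shadow"].append((m[1].decode(), m[2].decode()))
        if m := BASIC_AUTH.search(s):
            try:
                user, _, pwd = base64.b64decode(m[1]).partition(b":")
                found["basic_auth"].append((user.decode("utf-8", "replace"), pwd.decode("utf-8", "replace")))
            except ValueError:  # looked like base64 but was not
                pass
        if m := WIFI_SSID.search(s):
            found["wifi_ssid"].append(m[1].decode("utf-8", "replace"))
        if m := WIFI_PSK.search(s):
            found["wifi_psk"].append(m[1].decode("utf-8", "replace"))
        if m := WEB_FORM.search(s):
            found["web_form"].append((unquote_plus(m[1].decode()), unquote_plus(m[2].decode())))
    return found


def scan_file(path, chunk_size=64 * 1024 * 1024, overlap=4096):
    """Stream a swap device or dd image through scan_swap.

    The overlap re-scans the tail of the previous chunk so a string that straddles
    a chunk boundary is still seen; duplicates that causes are removed at the end.
    """
    merged = {}
    tail = b""
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            for cls, hits in scan_swap(tail + chunk).items():
                merged.setdefault(cls, []).extend(hits)
            tail = chunk[-overlap:]
    return {cls: list(dict.fromkeys(hits)) for cls, hits in merged.items()}


if __name__ == "__main__":
    # Usage: sudo python3 swapscan.py [/dev/sdX2 | swap.img ...]; default: every active swap.
    targets = sys.argv[1:]
    if not targets:
        with open("/proc/swaps") as fh:
            targets = parse_proc_swaps(fh.read())
    for target in targets:
        for cls, hits in scan_file(target).items():
            for hit in hits:
                print(f"{target}\t{cls}\t{hit}")
```

Reading a swap device directly needs root, and the contents keep changing while the device is in use; for forensic work run it against an image taken with dd (or after swapoff) so the findings are reproducible. Expect noise: a hit only proves the string was paged out at some point, not that the credential is current.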

Hindsight – Internet History Forensics For Google Chrome/Chromium

Hindsight is a free tool for analyzing web artifacts. It started with the browsing history of the Google Chrome web browser and has expanded to support other Chromium-based applications (with more to come!). Hindsight can parse a number of different types of web artifacts, including URLs, download history, cache records, bookmarks, autofill records, saved passwords, […]
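Two details that make Chrome history parsing non-obvious, shown in an added example that is not Hindsight's code: visit timestamps are microseconds since 1601-01-01 UTC (the WebKit epoch), and visits.transition packs the navigation type into the low byte and qualifier flags into the high bits, stored as a signed 32-bit value so server redirects appear negative. The example reads only the urls and visits tables; the schema subset, the in-memory sample rows and the helper names are this example's assumptions.

```python
"""Chrome/Chromium History parsing in the style of Hindsight (added example, not Hindsight's code)."""
import sqlite3
from datetime import datetime, timedelta, timezone

# Chrome timestamps are microseconds since 1601-01-01 UTC, not Unix seconds;
# treating them as Unix time shifts every visit by 369 years.
WEBKIT_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

# visits.transition: low 8 bits = how the navigation started, high bits = qualifiers
# (values from Chromium's ui/base/page_transition_types.h).
CORE_TRANSITIONS = ["LINK", "TYPED", "AUTO_BOOKMARK", "AUTO_SUBFRAME", "MANUAL_SUBFRAME",
                    "GENERATED", "AUTO_TOPLEVEL", "FORM_SUBMIT", "RELOAD", "KEYWORD", "KEYWORD_GENERATED"]
QUALIFIERS = [(0x00800000, "FORWARD_BACK"), (0x01000000, "FROM_ADDRESS_BAR"), (0x02000000, "HOME_PAGE"),
              (0x04000000, "FROM_API"), (0x10000000, "CHAIN_START"), (0x20000000, "CHAIN_END"),
              (0x40000000, "CLIENT_REDIRECT"), (0x80000000, "SERVER_REDIRECT")]


def webkit_to_datetime(ts):
    """Convert a Chrome/WebKit microsecond timestamp to an aware UTC datetime."""
    return WEBKIT_EPOCH + timedelta(microseconds=ts)


def datetime_to_webkit(dt):
    """Inverse of webkit_to_datetime; useful for building time-bounded queries."""
    delta = dt.astimezone(timezone.utc) - WEBKIT_EPOCH
    return delta.days * 86_400_000_000 + delta.seconds * 1_000_000 + delta.microseconds


def decode_transition(value):
    """Split a transition value into (core type, [qualifier names]).

    Chrome stores the value as a signed 32-bit int, so SERVER_REDIRECT (bit 31)
    shows up negative in the database; mask to 32 bits before decoding.
    """
    value &= 0xFFFFFFFF
    core = value & 0xFF
    name = CORE_TRANSITIONS[core] if core < len(CORE_TRANSITIONS) else f"UNKNOWN({core})"
    return name, [q for bit, q in QUALIFIERS if value & bit]


def visit_timeline(conn):
    """Return every visit joined to its URL, oldest first, with decoded time and transition."""
    rows = conn.execute(
        "SELECT v.id, v.visit_time, u.url, u.title, v.transition, v.from_visit "
        "FROM visits v JOIN urls u ON u.id = v.url ORDER BY v.visit_time, v.id"
    )
    return [
        {"visit_id": vid, "time": webkit_to_datetime(t).isoformat(), "url": url, "title": title,
         "transition": decode_transition(tr), "from_visit": fv}
        for vid, t, url, title, tr, fv in rows
    ]


def open_history(path):
    """Open a copy of the History file read-only; Chrome keeps the live one locked."""
    return sqlite3.connect(f"file:{path}?mode=ro", uri=True)


def build_sample_history():
    """Constructed in-memory History with just the columns this example reads (sample data)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE urls (id INTEGER PRIMARY KEY, url TEXT, title TEXT, visit_count INTEGER,
                           typed_count INTEGER, last_visit_time INTEGER, hidden INTEGER);
        CREATE TABLE visits (id INTEGER PRIMARY KEY, url INTEGER, visit_time INTEGER,
                             from_visit INTEGER, transition INTEGER);
    """)
    t0 = datetime_to_webkit(datetime(2023, 1, 2, 3, 4, 5, tzinfo=timezone.utc))
    conn.executemany("INSERT INTO urls VALUES (?,?,?,?,?,?,?)", [
        (1, "http://example.test/login", "Login", 1, 1, t0, 0),
        (2, "https://example.test/login", "Login", 1, 0, t0 + 250_000, 0),
    ])
    conn.executemany("INSERT INTO visits VALUES (?,?,?,?,?)", [
        (1, 1, t0, 0, 0x30000001),             # TYPED | CHAIN_START | CHAIN_END
        (2, 2, t0 + 250_000, 1, -1610612736),  # LINK | CHAIN_END | SERVER_REDIRECT, stored signed
    ])
    return conn


if __name__ == "__main__":
    for visit in visit_timeline(build_sample_history()):
        print(visit)
```

Against a real profile, copy the History file (and its -journal or -wal companion, if present) out of the profile directory before opening it with open_history; the from_visit column lets you walk redirect chains backwards from a suspicious landing page to the visit the user actually initiated.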

Forensics report of WordPress hacked site

This post details the forensics performed by an information security training professional during the clean-up operation. The expert also notes specific WordPress security recommendations based on the analysis. Background The client had recently registered a new domain name, set up some webspace on their VPS and then manually started installing the most recent version of WordPress. Before completing the install […]

Linux Expl0rer – Easy-To-Use Live Forensics Toolbox For Linux Endpoints

Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask. Capabilities: ps (view the full process list, inspect a process memory map and fetch memory strings easily, dump process memory in one click, automatically search a hash in public services such as VirusTotal and AlienVault OTX); users (list users); find (search for suspicious files by name/regex); netstat; Whois; logs […]

srum-dump – A Forensics Tool to Convert the Data in the Windows srum

srum-dump creates an Excel spreadsheet containing the forensic artifacts held in the SRUM (System Resource Usage Monitor) database. The program can be run with no input and it will prompt you for each of the needed arguments. The program requires two inputs. The first is an SRUM database. The SRUM database is usually Windows\system32\sru\SRUDB.dat. […]

Shadow – Unique Discrete Event Network Simulator

Shadow is a unique discrete-event network simulator that runs real applications like Tor and Bitcoin, and distributed systems of thousands of nodes on a single machine. Shadow combines the accuracy of emulation with the efficiency and control of simulation, achieving the best of both approaches. Shadow was developed because there was a recognized need for […]

psad – Intrusion Detection and Log Analysis with iptables

The Port Scan Attack Detector psad is a lightweight system daemon written in Perl that is designed to work with Linux iptables/ip6tables/firewalld firewalling code to detect suspicious traffic such as port scans and sweeps, backdoors, botnet command and control communications, and more. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert […]
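The core of what psad does with iptables LOG output, as an added example that is not psad's code: parse the kernel's key=value log lines, group SYN packets by source, find the busiest window per source and map the packet count onto a danger level. The time window, the distinct-port threshold, the danger thresholds and the sample log lines are this example's assumptions (the threshold numbers are chosen to resemble psad's default DANGER_LEVEL settings; treat your own psad.conf as authoritative), and the example assumes the traditional syslog timestamp format rather than RFC 3339 timestamps.

```python
"""Port-scan detection over iptables LOG lines, in the spirit of psad (added example, not psad's code)."""
import re
import sys
from collections import defaultdict
from datetime import datetime

LOG_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ kernel: (?:\[\s*[\d.]+\] )?(?P<body>.*IN=.*)$"
)
KV_RE = re.compile(r"(\w+)=(\S*)")
DANGER_LEVELS = (5, 15, 150, 1500, 10000)  # packets in the window -> danger level 1..5 (assumption)


def parse_line(line, year=2024):
    """Parse one iptables LOG line into a dict, or return None for non-firewall lines."""
    m = LOG_RE.match(line)
    if not m:
        return None
    body = m["body"]
    fields = dict(KV_RE.findall(body))
    # Tokens without '=' are TCP flags and IP options (SYN, ACK, DF, ...).
    flags = {tok for tok in body.split() if "=" not in tok}
    # Syslog timestamps carry no year, so one has to be supplied by the caller.
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "src": fields.get("SRC"), "dst": fields.get("DST"), "proto": fields.get("PROTO"),
            "dpt": int(fields["DPT"]) if fields.get("DPT", "").isdigit() else None, "flags": flags}


def danger_level(packets):
    """Map a packet count onto a 0..5 danger level (0 = below the lowest threshold)."""
    return sum(1 for threshold in DANGER_LEVELS if packets >= threshold)


def detect_scans(lines, window=60, min_ports=5):
    """Flag sources that hit at least min_ports distinct ports within any window-second span.

    Returns {src: {"packets": n, "ports": [...], "danger": level}} for flagged sources only.
    Only TCP SYNs and UDP datagrams count, so an established connection's traffic is ignored.
    """
    by_src = defaultdict(list)
    for line in lines:
        ev = parse_line(line)
        if ev and ev["src"] and ev["dpt"] is not None and ("SYN" in ev["flags"] or ev["proto"] == "UDP"):
            by_src[ev["src"]].append(ev)
    alerts = {}
    for src, events in by_src.items():
        events.sort(key=lambda e: e["ts"])
        best = []  # the densest window-second span of packets from this source
        for i, first in enumerate(events):
            span = [e for e in events[i:] if (e["ts"] - first["ts"]).total_seconds() <= window]
            if len(span) > len(best):
                best = span
        ports = sorted({e["dpt"] for e in best})
        level = danger_level(len(best))
        if level and len(ports) >= min_ports:
            alerts[src] = {"packets": len(best), "ports": ports, "danger": level}
    return alerts


def _log(ts, src, spt, dpt):
    """Constructed LOG line in the kernel's standard layout (sample data, not a real capture)."""
    return (f"Mar  3 {ts} fw kernel: [ 812.301] IN=eth0 OUT= "
            f"MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC={src} DST=192.0.2.10 "
            f"LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=TCP SPT={spt} DPT={dpt} "
            f"WINDOW=1024 RES=0x00 SYN URGP=0")


SAMPLE_LOG = [
    _log("10:15:01", "203.0.113.5", 40001, 21),
    _log("10:15:01", "203.0.113.5", 40002, 22),
    _log("10:15:02", "203.0.113.5", 40003, 23),
    _log("10:15:02", "203.0.113.5", 40004, 25),
    _log("10:15:03", "203.0.113.5", 40005, 80),
    _log("10:15:03", "203.0.113.5", 40006, 443),
    _log("10:15:04", "203.0.113.5", 40007, 8080),
    _log("10:15:03", "198.51.100.7", 51000, 443),  # ordinary client: two SYNs to one port
    _log("10:15:09", "198.51.100.7", 51001, 443),
    "Mar  3 10:15:05 fw systemd[1]: Started Session 12 of user ops.",  # not a firewall line
]

if __name__ == "__main__":
    # Usage: python3 scandetect.py /var/log/kern.log   (no argument: run on the sample lines)
    source = open(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_LOG
    for src, info in detect_scans(source).items():
        print(f"{src}: danger level {info['danger']}, {info['packets']} packets, ports {info['ports']}")
```

This only sees what the firewall logs, so the iptables policy needs a LOG rule ahead of its DROP for the traffic you care about; the min_ports guard is what keeps a busy but legitimate client on one port from being reported as a scanner.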

OSXAuditor – Free Mac OS X Computer Forensics Tool

OS X Auditor is a free Mac OS X computer forensics tool. OS X Auditor parses and hashes the following artifacts on the running system or a copy of a system you want to analyze: the kernel extensions, the system agents and daemons, the third-party agents and daemons, the old and deprecated system and […]

Cellebrite digital forensics tools leaked online by a reseller

The firmware used by the Israeli mobile forensics firm Cellebrite was leaked online by one of its resellers, McSira Professional Solutions. Do you know Cellebrite? It is an Israeli firm that designs digital forensics tools that are used by law enforcement and intelligence agencies to examine mobile devices in investigations. It became famous when […]

Recovering your Deleted Files

It has happened to most of us. You deleted a file and realize you need it back. But is it really deleted? Find out how to recover those files. If you’re not sure whether you permanently deleted a file, be sure to look around for it first. In Windows, you’ll want to open the Recycle […]

Backtracing a RAT / Find the IP of the Hacker’s RAT

Welcome to my tutorial, today I will be showing you how to get someone's IP once you have the person's RAT. In other words, I'm going to show you how easy it is for the feds to get your IP and get you arrested if they wanted to. Requirements: Wireshark [DOWNLOAD] Sandboxie [DOWNLOAD] First open […]