
Directory: Recently Added Listings RSS

RECON IMAGER New!

0 reviews

sumuri.com/software/recon-imager/

RECON IMAGER is the most complete imaging tool in the world. RECON IMAGER takes the guesswork out of advanced imaging processes so you can focus on the broader task at hand, and get more work done, faster. And at the price of $399, RECON IMAGER is an ind ...

Category:Directory

EnCase Mobile Investigator Popular

0 reviews

www.guidancesoftware.com

The company that set the standard just raised the bar. Supporting over 25 types of mobile devices, EnCase Forensic offers investigators the flexibility to collect critical evidence including text messages, call records, pictures, graphics, and much more.

Outlier

0 reviews

unbouncepages.com/supertimelines-free/

The Outlier Community Account allows up to ten endpoints to be investigated simultaneously.  Remote forensic investigation, live forensics, memory, timelines, and real-time process and user monitoring.  Free. 

Category:Timelines

UsnTrimmer

0 reviews

github.com/devgc/UsnTrimmer

A tool to trim a USN Journal file extracted by other tools. This tool starts at the end of the USN Journal file and works its way back by searching for the start of the USN record buffer. For more on how USN records are stored see: https://technet.micro ...

Py2ExeDecompiler

0 reviews

github.com/endgameinc/Py2ExeDecompiler

Decompiles Exe created by Py2Exe using uncompyle6 for both python 2 and 3.

EQUEL

0 reviews

github.com/thomaspatzke/EQUEL

EQUEL - an Elasticsearch QUEry Language. The project was motivated by usage of Elasticsearch and Kibana for log analysis in incident response and as a tool in web application security testing. Both are great tools for this purpose, but Kibana exposes only ...

O-Saft

0 reviews

github.com/OWASP/O-Saft

OWASP SSL advanced forensic tool / OWASP SSL audit for testers. O-Saft is an easy-to-use tool that shows information about an SSL certificate and tests the SSL connection according to a given list of ciphers and various SSL configurations. It's designed to be ...

PC Privacy

0 reviews

www.r-wipe.com

R-Wipe & Clean is a complete R-Tools solution to erase useless files on your computer, prevent identity theft, and maintain computer privacy. Using this program, you can erase files and folders using fast, secure wiping algorithms, clean your computer ...

Category:Data Wiping

R-Mail

0 reviews

www.r-tt.com/outlook_mail_recovery/

R-Mail is a family of e-mail recovery utilities for damaged files and deleted messages created by Microsoft Outlook* (later referred to as "Outlook") and Microsoft Outlook Express* (later referred to as "Outlook Express") software.

Category:Email

R-Studio

0 reviews

www.r-studio.com

Empowered by the new unique data recovery technologies, R-STUDIO is the most comprehensive data recovery solution for recovering files from NTFS, NTFS5, ReFS, FAT12/16/32, exFAT, HFS/HFS+ (Macintosh), Little and Big Endian variants of UFS1/UFS2 (FreeBSD/Ope ...

010 Editor

0 reviews

www.sweetscape.com/010editor/

Professional text and hex editing with Binary Templates technology.

Category:Hex Editors

github.com/hasherezade/pe_recovery_tools/tree/master/imports

Small tool for recovering erased imports of a dumped PE file. Useful in recovering executables dumped from memory. Dedicated to cases when the imports have been erased after loading (anti-dumping trick used by malware). Usage: imports_unerase.exe [PID] ...

www.darknet.org.uk/2017/04/spectrology-basic-audio-steganogr

spectrology is a Python-based audio steganography tool that can convert images to audio files with a corresponding spectrogram encoding. This allows you to hide messages via images inside audio files.

Category:Steganography

www.woanware.co.uk/forensics/lnkanalyser.html

Windows shortcut (LNK) files hold a wealth of useful information for forensic investigators. There are a number of LNK file parsers out there, and most are ok, some are incorrect and some just don’t get enough information extracted e.g. UUID parsing. Micr ...

github.com/fireeye/SessionGopher

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.  

Category:Misc

PSInspect

0 reviews

github.com/hl-repos/PSInspect

PSInspect: PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later. Self-contained. Windows Metadata Extraction: User Accounts; System Configuration Files (.sys and .ini); Environment Variables; G ...

CERT-W/certitude

0 reviews

github.com/cert-w/certitude

CERTitude is a Python-based tool which aims at assessing the compromised perimeter during incident response assignments. CERTitude aims at performing large scale scans of Windows-based (for now) information systems by searching for behavioral patt ...

virusshare.com/hashes.4n6

Links to lists of MD5 hashes for all of the malware samples contained in each of the zip files shared via the torrents. Each list is published after each torrent is uploaded. Each list is a plain text file with one hash per line. Files 0-148 are 4.3MB in ...

Category:Hash Sets

www.andriller.com

Andriller is a software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. It has other features, such as powerful Lockscreen cracking for Pattern, PIN ...

tools.netsa.cert.org/silk/index.html

SiLK, the System for Internet-Level Knowledge, is a collection of traffic analysis tools developed by the CERT Network Situational Awareness Team (CERT NetSA) to facilitate security analysis of large networks. The SiLK tool suite supports the efficient col ...

Category:Network