An extensible network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures. Key features: robust stream reassembly; IPv4 and IPv6 support; custom output handlers; chainable decoders. Prerequisites: Linux (developed on Ubuntu 12.04); Python 2.7; pygeoip, GNU Lesser GPL; MaxMind GeoIP Legacy datasets; PyCrypto, custom license; dpkt, New BSD …
Category: Integrated Forensic Software
Integrated computer forensics environment with numerous forensic tools in one package
Permanent link to this article: https://www.darknessgate.com/2015/01/30/dshell/
Forensic Toolkit® (FTK®)
FTK is a court-accepted digital investigations platform that is built for speed, analytics and enterprise-class scalability. Known for its intuitive interface, email analysis, customizable data views and stability, FTK lays the framework for seamless expansion, so your computer forensics solution can grow with your organization’s needs. In addition AccessData offers new expansion modules delivering an …
Permanent link to this article: https://www.darknessgate.com/2014/03/03/forensic-toolkit-ftk-commercial-app/
Helix3 Pro [Commercial App]
Helix3 Pro is a unique tool necessary for every computer forensic tool kit! Get the only tool with a Live and Bootable side for your investigation needs. A multi-platform LIVE side for three environments (Mac OS X, Windows and Linux) with one simple-to-use interface. Make forensic images of all internal devices. Make a …
Permanent link to this article: https://www.darknessgate.com/2012/09/19/helix3-pro-commercial-app/
Maltego
With the continued growth of your organization, the people and hardware deployed to ensure that it remains in working order are essential, yet the threat picture of your “environment” is not always clear or complete. In fact, most often it’s not what we know that is harmful – it’s what we don’t know that causes …
Permanent link to this article: https://www.darknessgate.com/2012/09/19/maltego/
MoonSols Windows Memory Toolkit
MoonSols Windows Memory Toolkit is the ultimate toolkit for memory dump conversion and acquisition on Windows. This toolkit has been designed to deal with various types of memory dumps such as VMware memory snapshots, Microsoft crash dumps and even Windows hibernation files. MoonSols Windows Memory Toolkit has been designed to deal with Microsoft Windows hibernation …
Permanent link to this article: https://www.darknessgate.com/2012/09/15/moonsols-windows-memory-toolkit/
Open Computer Forensics Architecture (OCFA)
The Open Computer Forensics Architecture is developed as 3 separate main sub-projects that are bundled together in the open source distribution of the Open Computer Forensics Architecture: [OcfaLib] [OcfaArch] [OcfaModules].
Permanent link to this article: https://www.darknessgate.com/2012/09/15/open-computer-forensics-architecture-ocfa/
The Sleuth Kit and Autopsy Browser
The Sleuth Kit and Autopsy Browser are both open source digital investigation tools (a.k.a. digital forensic tools) that run on Windows, Linux, OS X, and other Unix systems. They can be used to analyze disk images and perform in-depth analysis of file systems (such as NTFS, FAT, HFS+, Ext3, and UFS) and several volume system …
Permanent link to this article: https://www.darknessgate.com/2012/09/15/the-sleuth-kit-and-autopsy-browser/
The Coroner's Toolkit (TCT)
TCT is a collection of programs by Dan Farmer and Wietse Venema for a post-mortem analysis of a UNIX system. Notable TCT components are the grave-robber tool that captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the …
Permanent link to this article: https://www.darknessgate.com/2012/09/15/the-coroners-toolkit-tct/
The Coroner’s Toolkit (TCT)
TCT is a collection of programs by Dan Farmer and Wietse Venema for a post-mortem analysis of a UNIX system. Notable TCT components are the grave-robber tool that captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the …
Permanent link to this article: https://www.darknessgate.com/2012/09/15/the-coroners-toolkit-tct-2/
PTK forensics
PTK forensics is a computer forensic framework for the command line tools in the SleuthKit plus many more software modules. This makes it usable and easy to investigate a system. PTK forensics offers many features such as multi-user analysis, search and management of complex digital investigation cases. The core component of the software is an …
Permanent link to this article: https://www.darknessgate.com/2012/09/15/ptk-forensics/
Digital Forensics Framework
DFF (Digital Forensics Framework) is a free and open source computer forensics software built on top of a dedicated Application Programming Interface (API). It can be used by both professionals and non-experts to quickly and easily collect, preserve and reveal digital evidence without compromising systems and data. Main Features: Read local drivers or …
Permanent link to this article: https://www.darknessgate.com/2012/09/15/digital-forensics-framwork/