Forensic – Detecting Hackers With PCAP Data

This post discusses the development of a machine learning (ML) program designed to identify specific hacking activities using forensic evidence from PCAP files, which are data files created by network analyzers like Wireshark. These files capture packet data across various layers of the Open Systems Interconnection (OSI) model, providing a rich source of data that, …

Judge Jury And Executable : A File System Forensics Analysis Scanner & Threat Hunting Tool

Judge Jury And Executable is a file system forensics analysis scanner and threat hunting tool. Features: scan a mounted filesystem for threats right away, or gather a system baseline before an incident for extra threat hunting ability; can be used before, during or after an incident; for one to many workstations; scans the MFT, bypassing …

IRTriage : Incident Response Triage – Windows Evidence Collection For Forensic Analysis

Scripted collection of system information valuable to a forensic analyst. IRTriage will automatically “Run As ADMINISTRATOR” in all Windows versions except WinXP. The original source was Triage-ir v0.851, an AutoIt script written by Michael Ahrendt. Unfortunately, Michael’s last changes were posted on 9th November 2012. I let Michael know that I have forked his project: …

Fama : Forensic Analysis For Mobile Apps

Fama is an Android extraction and analysis framework with an integrated Autopsy module. Easily dump user data from a device and generate powerful reports for Autopsy or external applications. Functionalities: extract user application data from an Android device with ADB (root and ADB required); dump user data from an Android image or mounted …

Sherloq : An Open-Source Digital Image Forensic Toolset

Sherloq is a personal research project about implementing a fully integrated environment for digital image forensics. It is not meant as an automatic tool that decides whether an image is forged or not (such a tool probably will never exist…), but as a companion for putting various algorithms to work to discover potential image inconsistencies. While …

OSXCollector : A Forensic Evidence Collection & Analysis Toolkit For OS X

OSXCollector is a forensic evidence collection & analysis toolkit for OS X. The collection script runs on a potentially infected machine and outputs a JSON file that describes the target machine. OSXCollector gathers information from plists, SQLite databases and the local file system. Forensic analysis: armed with the forensic collection, an analyst can answer the question …