background preloader

Open source digital forensics.

Open source digital forensics.
Related:  Tools: Security - Forensics - Pentesting - Ethical Hacking

SIFT Kit/Workstation: Investigative Forensic Toolkit Download SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3.0 Download SIFT Workstation VMware Appliance Now - 1.5 GB Having trouble downloading? If you are having trouble downloading the SIFT Kit please contact and include the URL you were given, your IP address, browser type, and if you are using a proxy of any kind. Having trouble with SIFT 3? If you are experiencing errors in SIFT 3 itself, please submit errors, bugs, and recommended updates here: How To: Download Ubuntu 14.04 ISO file and install Ubuntu 14.04 on any system. -> Once installed, open a terminal and run "wget --quiet -O - | sudo bash -s -- -i -s -y" Congrats -- you now have a SIFT workstation!! SIFT Workstation 3.0 Overview "The SIFT Workstation has quickly become my "go to" tool when conducting an exam. Key new features of SIFT 3.0 include: Installation

Open Source Computer Forensics Manual Digital Intelligence and Investigation Tools | The CERT Division By providing operational support to high-profile intrusion, identity theft, and general computer crime investigations, DIID is able to see the current limitations of computer forensics and incident response in the field first hand. Combining applied research with the unique talents, operational experience, research capabilities, and the vast knowledge base of Carnegie Mellon University, we have developed resources, training, and tools to facilitate forensic examinations and assist authorized members of the law enforcement community. Restricted Access Tools Users can access the following tools after they register and are vetted. Live View LE allows forensic investigators to take a physical device or an image file of a disk or partition and automatically transform it into a virtual machine. CCFinder is a suite of utilities designed to facilitate the discovery, organization, and query of financial data and related personally identifiable information in large-scale investigations.

DesktopAuditing | FREE Desktop and Network Security Auditing Resources Top 15 Open Source. Free Security. Tools. 1. Nmap Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. 2. Wireshark is a network protocol analyzer. 3. Metasploit Community Edition simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners. 4. Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers. 5. 6. ettercap 7. 8. 9. 10. w3af 11. hping 12. burpsuite 13. 14. sqlmap

Black Hat USA 2014 - Arsenal Returning bigger than ever for 2014, Black Hat is pleased to once again present Arsenal--a Tool/Demo area where independent researchers and the open source community will showcase some awesome weapons. See below for the full list and descriptions of each of these tools. Hours and Location: August 6, 2014 | 10:00 - 18:00 | Breakers JK August 7, 2014 | 10:00 - 18:00 | Breakers JK Android Device Testing Framework The Android Device Testing Framework ("dtf") is a data collection and analysis framework to help individuals answer the question: "Where are the vulnerabilities on this mobile device?" Automated Memory Analysis Automated Memory Analysis is a set of new innovative Cuckoo Sandbox plugins that adds new dynamic and memory analysis abilities such as: Demonstrations will cover how the plugins can help security researchers analyze advanced malware. Malware samples such as Snake (Uroburos), Stuxnet, and friends that evaded analysis will be dissected live to demonstrate the toolkit abilities.

Metashield Analyser. Analisis of metadata online. Internet Archive: Digital Library of Free Books, Movies, Music & Wayback Machine How DuckDuckGo Rode A Wave Of Post-Snowden Anxiety To Massive Growth When it first launched, DuckDuckGo seemed like it couldn't possibly be serious. A tiny, Philadelphia-based search engine going up against Google? Indeed, its early growth was glacial, despite offering itself as a less invasive search engine that doesn't track your online behavior. Over the last two years, DuckDuckGo's daily search queries have grown 600%, CEO Gabriel Weinberg told CNBC recently. Last month, a survey from the Pew Research Center revealed that 40% of U.S. adults don't want their search engine provider to retain any information about them at all. "People are finally becoming aware of all the downsides of online tracking, including surveillance, ads following you around the Internet, and being charged different prices based on your profile," Weinberg told Fast Company. The premise of DuckDuckGo is simple: It doesn't track your searches or any other online activity. Concerns about search privacy are at least as old as Google.

Hardware-based security more effective against new threats With software security tools and network vulnerabilities constantly being targeted by hackers, securing hardware components will grow in importance given it is more secure and cybercriminals will find it difficult to alter the physical layer for their purposes. Patrick Moorhead, president and principal analyst of Moor Insight and Strategy, said hardware-based security is more secure than software tools such as antivirus since it cannot be altered. Hardware-based security refers to safeguarding the computer using components such as processors. An RSA spokesperson added the physical layer eliminates the possibility of malware, such as virtual rootkits, from infiltrating the operating system and penetrating the virtualization layer. In 2010, RSA, together with VMWare and Intel, introduced a proof-of-concept framework to integrate security into the entire hardware stack. One example is ARM's joint venture with Gemalto and Giesecke & Devrient to set up Trustonic in December 2012.

Google hacking - Automated website hacking tools based on Google dorks Google hacking is a must for hackers and pen testers, the popular search engine is a mine of information for targeted analysis and reconnaissance phase. In the past we discussed on how to use Google hacking techniques to gather information on specific targets and discover vulnerable website on a large-scale. I decided to start from a submodule of the hacking program proposed by The Hacker Academy dedicated to use of Google during a penetration test to extend the discussion with a proof of concept. The security expert Dancho Danchev just published an interesting post on Google-dorks based mass Web site hacking/SQL injecting tool used by cyber criminals to facilitate the above malicious online activity. Google hacking tools are also used for a second purpose, cybercriminals exploit them to collect huge quantities of data to resell on the underground.

Related:  Tool List