Tag Archives: Forensics

CapAnalysis – Network Forensic Tool

CapAnalysis is a web visual tool for information security specialists, system administrators and everyone who needs to analyze large amounts of captured network traffic.

Eraser – Tool to Wipe Sensitive Data

During incident response and the analysis of memory artifacts, the responder will copy data to an external hard drive, and this may include sensitive information that will be processed during the work. Before starting to use the external hard drive it

Xplico – Network Forensic Analysis Tool

Network artifact collection is extremely important when you are investigating a security intrusion reported by an external entity such as an ISP, CERT or CSIRT. Network evidence may include network logs, network pcap files and the source IP these are

WinPmem – Memory Acquisition Tool

WinPmem can be used to dump memory from Windows, Linux or macOS operating systems.

UserAssistView – Display UserAssist Items

One of the NirSoft programs that is helpful in incident response is UserAssistView.

DSi USB Write Blocker

The DSi USB Write Blocker utility helps put a USB stick into read-only mode so that no change or modification is allowed, which comes at the end when all required information has been collected.

OSForensics – Digital Investigation Toolkit

OSForensics allows you to identify suspicious files and activity with hash matching, drive signature comparisons, e-mails, memory and binary data.