Posts Tagged ‘Forensics’

Rekall Memory Forensic Framework

Rekall Framework is an open source collection of tools that you can use for forensic analysis. The program is based on Python and gives full visibility into the state of system memory (RAM). Rekall runs on any platform that supports Python and can investigate the following images: Microsoft Windows XP Service Pack 2 and 3 [...]


TNS Connection Profiler – Oracle Tool

The TNS listener is a service that allows client applications to connect to an Oracle database. The service runs on the database, allows connections to be logged and controlled, and by default uses port 1521/1526. Database administrators need to restrict this port to only the required applications by filtering IPs. Each connection over this service logs information [...]


Volafox Mac OS X Memory Analysis Toolkit

Volafox is an open source toolkit that you can use for Mac OS X and BSD forensics. The tool is Python-based and allows investigating security incidents and finding information about malware and any malicious program on the system. A security analyst can obtain the following information using this tool: Mac kernel version, CPU, and [...]


Mobius Forensic Toolkit 0.5.16

Forensic frameworks are important for running investigations and finding the root cause of any incident. Open source programs are widely used for creating cases and gathering evidence. One such open source framework is Mobius Forensic Toolkit. The toolkit is extensible and can investigate data from several sources, such as Skype and the Windows operating system registry. [...]


Browser Forensic Tool v2.0

Phrozen Browser Forensic Tool is a security application that you can use for checking the different browsers you use, including Microsoft Internet Explorer, Google Chrome, Comodo Dragon, RockMelt and Opera. The application creates a report of navigation history by keyword and matches it against malicious words, giving the security analyst a way to extract [...]


LiME – Linux Memory Extractor

Mobile platform security tools are increasing in number, and more open source tools are available for conducting forensic analysis on phone devices. If you want to investigate the Android operating system, you can use LiME. LiME (formerly DMD) allows investigating the file system from memory or over the network; this can be used to have a full [...]


OS X Auditor – Mac Forensics Tool

OS X Auditor is a Python-based computer forensics tool. The tool allows analysts to parse and hash artifacts on the running system or on a copy of a system, so as not to modify the original evidence. The program will look at: the kernel extensions, the system agents and daemons, the third party’s agents and daemons, the [...]
