Archive | Forensics


19 January 2012 | 11,369 views

Mobius Forensic Toolkit 0.5.10 – Forensics Framework To Manage Cases & Case Items

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools. Installation As root, type:

Usage Run You can download Mobius 0.5.10 here: mobiusft-0.5.10.tar.gz Or […]

Continue Reading

03 November 2011 | 14,275 views

Rec Studio 4 – Reverse Engineering Compiler & Decompiler

REC Studio is an interactive decompiler. It reads a Windows, Linux, Mac OS X or raw executable file, and attempts to produce a C-like representation of the code and data used to build the executable file. It has been designed to read files produced for many different targets, and it has been compiled on several […]

Continue Reading

14 October 2011 | 14,681 views

CAINE (Computer Aided INvestigative Environment) – Digital Forensics LiveCD

CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics. CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface. The main design objectives that CAINE aims to guarantee are the following: an […]

Continue Reading

11 October 2011 | 10,457 views

File Disclosure Browser – Tool To Explore .DS_Store Files

The File Disclosure Browser takes .DS_Store files found on websites and parses through them to find a list of all potential files in the directory. It can then either just display the URLs for the files or if you give it a proxy it can browse to the files itself. The author wrote it after […]

Continue Reading

06 October 2011 | 9,801 views

CIAT – The Cryptographic Implementations Analysis Toolkit

The Cryptographic Implementations Analysis Toolkit (CIAT) is a compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files (executable and non-executable). It is particularly helpful in the forensic analysis and reverse engineering of malware using cryptographic code and encrypted payloads. This was […]

Continue Reading

20 September 2011 | 13,641 views

NetworkMiner v1.1 Released – Windows Packet Analyzer & Sniffer

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates […]

Continue Reading

18 August 2011 | 13,144 views

Collar Bomber Gets Owned By Word Metadata & USB Drive

There were other more technical and probably relevant stories to report on today, but for some reason I just found this story very odd and strangely fascinating. Now here a strange case, a man climbs into a young girls bedroom in the middle of the night, threatens her with a baseball bat and then chains […]

Continue Reading

23 June 2011 | 6,845 views

ksymhunter – Routines For Hunting Down Kernel Symbols

Routines for hunting down kernel symbols from from kallsyms,, vmlinux, vmlinuz, and remote symbol servers. Examples:


You can download ksymhunter v1.0 here: ksymhunter.tar.gz Or read more here.

Continue Reading

30 May 2011 | 7,365 views

Sniffjoke 0.4.1 Released – Anti-sniffing Framework & Tool For Session Scrambling

SniffJoke is an application for Linux that handle transparently your TCP connection, delaying, modifying and injecting fake packets inside your transmission, make them almost impossible to be correctly read by a passive wiretapping technology (IDS or sniffer). An Internet client running SniffJoke injects in the transmission flow some packets able to seriously disturb passive analysis […]

Continue Reading

23 May 2011 | 10,441 views

Malware Analyser v3.0 – A Static & Dynamic Malware Analysis Tool

Malware Analyser is freeware tool to perform static and dynamic analysis on malware executables, it can be used to identify potential traces of anti-debug, keyboard hooks, system hooks and DEP setting change calls in the malware. This is a stepping release since for the first time the Dynamic Analysis has been included for file creations […]

Continue Reading