For those of you who are not familiar with DShield (where have you been? under a rock?) it’s a Cooperative Network Security Community. Basically what that means is they collect firewall logs and map out the trends. Like when there was a worm going around that bruteforced SSH2 you could see a spike in port [...]
Maltego is an open source intelligence and forensics application. It allows for the mining and gathering of information as well as the representation of this information in a meaningful way. Coupled with its graphing libraries, Maltego, allows you to identify key relationships between information and identify previously unknown relationships between them. It is a must-have [...]
HeX is a project aimed at the NSM (Network Security Monitoring) community for use by network security analysts. The developers believe that simplicity and analysis work flow logic must be enhanced and emphasized through-out the process of designing this liveCD. Not only have they carefully chosen all the necessary applications and tools to be included [...]
Microsoft helping the good guys eh? I had someone ask me if I can get a hold of this so I did some checking up on.. I’d guess MS is doing this to sell additional software and services, but either way its a good thing to make a portable, easy to use and effective forensics [...]
NetworkMiner is a passive network sniffer/packet capturing tool for Windows with an easy to use interface. It can detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis. NetworkMiner makes use of OS fingerprinting databases from both p0f (by Michal Zalewski) [...]
A UK firm Virtuity has created data protection software called BackStopp which comes with ’self-destruct’ technology based on Wi-Fi and RFID tags that starts to run as and when a laptop is moved from its designated space. So in layman’s terms, if the laptop is moved from its permitted zone (which is set by the [...]
With a recent spate of attacks from banner ads (many of which are using flash) this might be a useful tool if you are using flash or more accurately flash applications on your website or portal. I did mention a Flash decompiler a while back, now we have SWFIntruder (pronounced Swiff Intruder), which is apparently [...]
Another tool for the security side, good for forensics, monitoring and auditing. Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, [...]
The Revisionist is a tool for extracting and indexing hidden metadata (such as deleted or modified text) from large collections of MS Word files. It can operate whole Web sites or SMB or NFS directories. It is handy for pen-testing, or it can be used just to spot embarrassing secrets. It’s useful in that it [...]
A freeware tool to trace TCP/UDP sessions and fetch application data from snoop or tcpdump logs. This is a type of “any-snarf” program, as it will fetch telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG), SMTP emails and so on from the captured data inside network traffic logs. Similar to tcpflow which we mentioned [...]
© Darknet – The Darkside 2000-2013. Don't Learn to HACK - Hack to LEARN.
Posted in: 
Recent Comments