Archive | Forensics


10 August 2009 | 19,227 views

Xplico – Network Forensic Analysis Tool

The goal of Xplico is to extract the application data contained in an internet traffic capture. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic [...]



27 July 2009 | 9,434 views

Wireshark 1.2.1 Released – Network Protocol Analyzer

Wireshark is the world’s foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998. Many of you will know it as [...]



29 April 2009 | 6,673 views

ScreenStamp! – Free Screenshot Tool With Timestamp

What is ScreenStamp! ScreenStamp! is basically a screen grabbing application for pen-testing and people working in forensics. The app will ask you for a location to save your screenshots to, along with a name that the program will number, allowing the user to concentrate on the job at hand as opposed to saving screen [...]



20 February 2009 | 6,504 views

DShield Web Honeypot Project – Alpha Version Released

For those of you who are not familiar with DShield (where have you been? under a rock?) it’s a Cooperative Network Security Community. Basically what that means is they collect firewall logs and map out the trends. Like when there was a worm going around that bruteforced SSH2 you could see a spike in port [...]



14 November 2008 | 15,146 views

Maltego – Forensics and Intelligence Application & Information Gathering Tool

Maltego is an open source intelligence and forensics application. It allows for the mining and gathering of information as well as the representation of this information in a meaningful way. Coupled with its graphing libraries, Maltego allows you to identify key relationships between information and identify previously unknown relationships between them. It is a must-have [...]



13 August 2008 | 11,250 views

raWPacket HeX – Network Security Monitoring & Analysis LiveCD

HeX is a project aimed at the NSM (Network Security Monitoring) community for use by network security analysts. The developers believe that simplicity and analysis workflow logic must be enhanced and emphasized throughout the process of designing this liveCD. Not only have they carefully chosen all the necessary applications and tools to be included [...]



09 May 2008 | 19,187 views

Want Some COFEE? Microsoft Computer Online Forensic Evidence Extractor

Microsoft helping the good guys eh? I had someone ask me if I can get a hold of this so I did some checking up on.. I’d guess MS is doing this to sell additional software and services, but either way it’s a good thing to make a portable, easy to use and effective forensics [...]



27 February 2008 | 65,704 views

NetworkMiner – Passive Sniffer & Packet Analysis Tool for Windows

NetworkMiner is a passive network sniffer/packet capturing tool for Windows with an easy-to-use interface. It can detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis. NetworkMiner makes use of OS fingerprinting databases from both p0f (by Michal Zalewski) [...]



22 February 2008 | 8,716 views

Laptop and Data Theft Protection

A UK firm, Virtuity, has created data protection software called BackStopp which comes with ‘self-destruct’ technology based on Wi-Fi and RFID tags that starts to run as and when a laptop is moved from its designated space. So in layman’s terms, if the laptop is moved from its permitted zone (which is set by the [...]



22 February 2008 | 6,944 views

SWFIntruder – Analysis and Security Testing of Flash Applications

With a recent spate of attacks from banner ads (many of which are using Flash), this might be a useful tool if you are using Flash, or more accurately Flash applications, on your website or portal. I did mention a Flash decompiler a while back, now we have SWFIntruder (pronounced Swiff Intruder), which is apparently [...]
