I’m proud to announce, that my team published yesterday a very cool Live Response CD for Linux and Windows in cooperation with the german journal iX. It contains a brand new Linux Live Response script and a build script for your own static binaries. This Live Response Script contains also an
New Forensics Live Response CD published
«
21 June 2007 |
14:49 |
Forensics, Live Response, Tools |
No Comments | 1,466 Views
»
Sector Inspector (SecInspect.exe)
«
9 April 2007 |
13:52 |
Forensics, Tools |
No Comments | 1,557 Views
»
Microsoft published a tool called Sector Inspector (SecInspect.exe) with the Windows 2003 Server Resource Kit. This is a command-line diagnostics tool that allows administrators to view the contents of master boot records, boot sectors, and IA64 GUID partition tables. Additional features
Microsoft published a tool called Sector Inspector (SecInspect.exe) with the Windows 2003 Server Resource Kit. This is a command-line diagnostics tool that allows administrators to view the contents of master boot records, boot sectors, and IA64 GUID partition tables. Additional features
The Sleuthkit 2.08
«
6 April 2007 |
13:34 |
Forensics, Tools |
No Comments | 1,479 Views
»
The Sleuthkit (TSK) 2.08 is out now. The new version contains
The Sleuthkit (TSK) 2.08 is out now. The new version contains
The Sleuthkit 2.07
«
16 December 2006 |
20:08 |
Forensics, Tools |
No Comments | 1,364 Views
»
Brian Carrierr released version 2.07 of his file system analysis tool The Sleuthkit:
There are a lot of updates and bug fixes. The summarized list is below. The executive summary is that there are new flags for ils to find orphan files and new flags for dls to specify allocation status.There were a lot [...]
Brian Carrierr released version 2.07 of his file system analysis tool The Sleuthkit:
There are a lot of updates and bug fixes. The summarized list is below. The executive summary is that there are new flags for ils to find orphan files and new flags for dls to specify allocation status.There were a lot [...]
Malware Analysis with PEiD
«
11 November 2006 |
15:41 |
Forensics, Live Response |
1 Comment | 2,023 Views
»
I’d like to comment on PEiD. If you have to analyse an unknown binary and you like to know some details about packers, compilers and crypto features, you should give PEiD a try.
I’d like to comment on PEiD. If you have to analyse an unknown binary and you like to know some details about packers, compilers and crypto features, you should give PEiD a try.
New Helix version released
«
12 October 2006 |
15:09 |
Forensics, Live Response, Tools |
1 Comment | 1,870 Views
»
There is a new Helix (Incident Response & Computer Forensics Live CD based on Knoppix) version released. Version 1.8 has a now Andreas Schuster’s PTFinder included an will no longer change JFS information. You can donwload Helix here.
All new features at a glance:
There is a new Helix (Incident Response & Computer Forensics Live CD based on Knoppix) version released. Version 1.8 has a now Andreas Schuster’s PTFinder included an will no longer change JFS information. You can donwload Helix here.
All new features at a glance:
FSP/FRU File Copy Client released
«
3 October 2006 |
14:02 |
Forensics, Live Response, Tools |
No Comments | 1,205 Views
»
Harlan Carvey just released the FSP/FRU File Copy Client on SourceForge. The FCli is a GUI client that the investigator can use to select files to be copied from the suspect system, over to the FSP server.
Harlan Carvey just released the FSP/FRU File Copy Client on SourceForge. The FCli is a GUI client that the investigator can use to select files to be copied from the suspect system, over to the FSP server.
Live Evidence Preview with Shadow 2
«
29 September 2006 |
18:10 |
Forensics, Tools |
No Comments | 1,744 Views
»
For the German journal iX we tested recently the Shadow 2 box from VOOM Technologies
For the German journal iX we tested recently the Shadow 2 box from VOOM Technologies
