through h4x0r3d's eyes

OSForensics – Digital investigations faster

Here there is a new utility called OSForensics, currently it is freely available that I found very useful for conducting a computer forensics. OSForensics can retrieve data about recently accessed applications, documents, media and network shares by scanning locations in the registry which store a user’s Most Recently Used (MRU) lists. The data which can be tracked by OSForensics includes files accessed in Microsoft Office applications, Microsoft Wordpad, Microsoft Paint, Microsoft Media Player, Windows Search, Connected Network Drives and the Windows Run command. Read More Here

Download OSForensics

Open source digital #forensics http://goo.gl/fb/KFEGr #security #opensource #tools #hacking #programming #software

The Open Source Digital Forensics site is a reference for the use of open source software in digital investigations (a.k.a. digital forensics, computer forensics, incident response). Open source tools may have a legal benefit over closed source tools because they have a documented procedure and allow the investigator to verify that a tool does what it claims.

Recent Updates (past 30 days):

liblnk

Author: Joachim Metz

Library and tools to access the Windows Shortcut File (LNK) Format.

Website:

http://sourceforge.net/projects/liblnk/

tcpdump

Author: Several - Collaborative

This is a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture.
In addition to packet capture it can be used to read back a capture file. It is able to decode layer 2 through to layer 4 protocols, and some higher layer protocols as well. Decoded packets may be displayed in raw or ASCII.

Perhaps the most powerful feature is the inclusion of an extremely powerful filtering language called the “Berkley Packet Filter” BPF.

Website:

http://www.tcpdump.org