Forensics
Open Computer Forensics Architecture (OCFA) is a modular computer forensics framework built by the Dutch National Police Agency. The main goal is to automate the digital forensic process to speed up the investigation and give tactical investigators direct access to the seized data through an easy...
Platforms: *nix
License: Freeware | Size: 1.9 MB | Download (120): Open Computer Forensics Architecture Download |
PTK is an alternative advanced interface for the TSK suite (The Sleuth Kit). Ptk-forensics was developed from scratch and, besides providing the functions already present in Autopsy, it also implements numerous new features essential during forensic activity.
Platforms: PHP
License: Freeware | Size: 1.02 MB | Download (40): Ptk-forensics Download |
mac-robber is a digital forensics and incident response tool that can be used with The Sleuth Kit to create a timeline of file activity for mounted file systems.
Platforms: *nix
License: Freeware | Size: 10.24 KB | Download (32): mac-robber Download |
UserTracking 2 is a tool that works closely together with Radiator and 802.1x in an attempt to facilitate forensics investigations. It does this by linking network layer 2 (i.e. MAC addresses) to network layer 3 (i.e. IP addresses). Since 802.1x keeps logs of users and MAC addresses while...
Platforms: *nix
License: Freeware | Download (89): UserTracking 2 Beta Download |
The Vinetto project is a forensics tool to examine Thumbs.db files. The project is a command-line Python script that works on Linux, Mac OS X and Cygwin (win32). Usage: vinetto [OPTIONS] [-s] [-U] [-o DIR] file options: --version show programs version number and exit -h, --help show...
Platforms: *nix
License: Freeware | Size: 15.36 KB | Download (115): Vinetto 0.07 Download |
Fenris is a suite of tools suitable for code analysis, debugging, protocol analysis, reverse engineering, forensics, diagnostics, security audits, vulnerability research and many other purposes. The main logical components are: - Fenris: high-level tracer, a tool that detects the logic used...
Platforms: *nix
License: Freeware | Size: 1.1 MB | Download (106): Fenris 0.07-m2 build Download |
Impost is a network security auditing tool designed to analyze the forensics behind compromised and/or vulnerable daemons. There are two different kinds of operating modes used by Impost: it can either act as a honey pot and take orders from a Perl script controlling how it responds and communicates...
Platforms: *nix
License: Freeware | Size: 225.28 KB | Download (103): Impost Download |
mac-robber is a digital forensics and incident response tool that can be used with The Sleuth Kit to create a timeline of file activity for mounted file systems.
Platforms: Mac, BSD, Solaris, Linux
License: Freeware | Size: 11.43 KB | Download (52): mac-robber Download |
Mac OS X's installation media includes a number of very useful tools for resetting passwords, diagnosing hardware issues, cloning drives, copying data, checking and repairing filesystems, managing disks, and even conducting forensics if you're so inclined. However, there are a number of...
Platforms: Mac
License: Freeware | Size: 10.24 KB | Download (52): miniclone Download |
ODESSA is an acronym for "Open Digital Evidence Search and Seizure Architecture". The intent of this project is to provide a completely open and extensible suite of tools for performing digital evidence analysis as well as a means of generating a usable report detailing the analysis and any findings....
Platforms: Mac
License: Freeware | Size: 215.04 KB | Download (39): ODESSA Download |
Ubuntu Rescue Remix is a GNU/Linux live system which runs from CD or USB flash device. It provides the data recovery specialist with a command-line interface environment equipped with the best free-libre, open source data recovery and forensics tools available.
Platforms: *nix
License: Freeware | Size: 244.95 MB | Download (39): Ubuntu Rescue Remix Download |
dc3dd is a patched version of GNU dd to include a number of features useful for computer forensics. Many of these features were inspired by dcfldd, but were rewritten for dc3dd. Pattern writes. The program can write a single hexadecimal value or a text string to the output device for wiping...
Platforms: *nix
License: Freeware | Size: 2.83 MB | Download (37): dc3dd Download |
Disk Investigator helps you to discover all that is hidden on your computer hard disk. It can also help you to recover lost data. Display the true drive contents by bypassing the operating system and directly reading the raw drive sectors. View and search raw directories, files, clusters, and...
Platforms: Windows
License: Freeware | Size: 350 KB | Download (1141): Disk Investigator Download |
DEFT (acronym for Digital Evidence & Forensic Toolkit) is a customized Linux distribution of the Kubuntu live Linux CD. It is a very easy to use system that includes excellent hardware detection and the best open source applications dedicated to incident response and computer forensics....
Platforms: *nix
License: Freeware | Size: 637 MB | Download (178): DEFT Download |
STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. It's a live Linux distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to...
Platforms: *nix
License: Freeware | Size: 497 MB | Download (110): Knoppix STD Download |
Distributed Aide Runtime Controller is a multi-threaded Python application designed for managing AIDE installations in large heterogeneous networks. AIDE is an open-source improvement upon the academic release of Tripwire. It can be used to detect filesystem changes in Unix environments, which...
Platforms: *nix
License: Freeware | Size: 11.26 KB | Download (94): Distributed Aide Runtime Controller Download |
Browser History Viewer allows you to examine the contents of web browser history files and export the data. Currently it supports Internet Explorer and Mozilla/Firefox. Browser History Viewer is meant to be a forensics tool. BHV is licensed under the terms of...
Platforms: *nix
License: Freeware | Download (472): Browser History Viewer Download |
Trinux is a ramdisk-based Linux distribution that boots from a single floppy or CD-ROM and loads its packages from an HTTP/FTP server, a FAT/NTFS/ISO filesystem, or additional floppies. Trinux contains the latest versions of popular Open Source network security tools for port scanning, packet...
Platforms: *nix
License: Freeware | Size: 19.8 MB | Download (117): Trinux Download |
Fakebust provides a malicious exploit discriminator. Fakebust is a program that assists with the rapid assessment and supervised execution of potentially malicious programs such as exploits or utilities of unknown origin, programs recovered during OS forensics, or acquired from a honeypot....
Platforms: *nix
License: Freeware | Size: 38.91 KB | Download (132): Fakebust Download |
Plan-B is a bootable Linux environment that does not need a hard drive; it runs entirely in RAM or from the CD, and is based on a basic, stripped installation of Red Hat Linux and the fundamental workings of the SuperRescue CD. A list of tools and utilities is also included for projects such as: *...
Platforms: *nix
License: Freeware | Size: 546 MB | Download (118): Plan-B Linux Download |