|
(Page 1 of 6) 1 2 3 4 5 6 Next > Category: Auditing » Forensics LogManager Added 2008-08-20 LogManager is a self running appliance that collects and stores the massive amounts of log data generated from applications and network devices found in large enterprise-class infrastructures. It provides a quick and cost-effective solution for organizations trying to achieve regulatory compliance today while enabling a simple upgrade to full-featured Event Management functionality tomorrow. DAVIX Added 2008-08-17 DAVIX - the Data Analysis & Visualization Linux® - brings the most important tools for data processing and visualization to your desk. This solution allows you to get started with security visualization without cumbersome compiling and installing tools. The DAVIX CD is based on SLAX 6.0 and follows a modularized approach. Thus, the SLAX ISO image can easily be customized for various purposes. It can even be installed on USB sticks and provide you with mobile analysis capabilities. The CD is shipped with a comprehensive manual that gives you a quick start for all tools and provides information on how-to tailor DAVIX to your needs. All tools are accessible through the KDE start menu and are accompanied with links to external manuals and tutorials. CryptoSearch Added 2006-08-08 LINReS Added 2006-08-07 LINReS is a Live Response script designed to run on suspect/compromised Linux systems system with a minimal impact on the system to satisfy various forensic standards requirements. This script has been tested successfully on RedHat Enterprise Linux systems. LINReS consists of mostly statically compiled binaries and includes the various shared libraries that may be required to run the binaries (which are not statically compiled). All in all, no binary from the compromised system is used by this tool which mitigates the risk of collecting information on a trojaned system. Log 2 Google Earth Added 2006-07-26 Visualize any logfile (firewall / apache you name it) in near realtime on Google Earth. See where you traffic is coming and going to. OmniPeek Personal Added 2006-06-21 OmniPeek Personal is a free version of the commercial protocol analyzer AiroPeek and EtherPeek, with support for both wired and wireless (802.11) traffic. Additional plug-ins may also be downloaded, such as: a Google Maps plugin which plots the location of an IP in Google Maps, a SQLite plug-in which can store packets in SQLite files so they can be searched with SQL queries, and a Remote TCPDump plug-in which can securely (SSH) connect to any Unix or Linux computer (e.g. Check Point's FireWall-1) and stream the packets back into OmniPeek for analysis -- all with out having to install any software on the remote end. Belkasoft Forensic IM Extractor Added 2006-06-12 This tool for e-crime/forensic professionals eases their work on analysing Internet Messengers histories. No password required. Supports various IMs: ICQ versions 99a up to ICQ5, MSN Messenger, Yahoo! Messenger, &RQ, Miranda. Supports deep ICQ analysis using different methods (with and without usage of index file) that allows user to extract even deleted and overwritten messages. The latter ability is indispensable for e-crime professionals. A number of different options available like filtering messages by time, sent/received type, user; ability to convert history to ICQ5 format; multibyte codepages are supported. More info at http://belkasoft.com. darc - Distributed Aide Runtime Controller Added 2006-04-24 darc is a multi-threaded Python application designed for managing AIDE installations in large heterogeneous networks. It provides centralized database management, unified reporting, and eliminates the need to maintain Aide databases and binaries on read-only media. Elcomsoft Distributed Password Recovery Added 2006-02-15 Elcomsoft Distributed Password Recovery (EDPR) offers administrators a comprehensive solution for recovering passwords to Microsoft Office documents when employees forget or lost their passwords. EDPR lets you coordinate all of the unused computing power of every computer on your LAN or WAN, and use distributed processing to restore the lost password by installing the "agents" onto as many computers on the network as the user desires; each of these agents uses brute force to try to recover the lost password. EDPR restores passwords for Word and Excel documents encrypted with 40 bit keys (Office 97/2000 compatible) as well as more recent documents (Office XP/2003) encrypted with CSP. Office 97/2000 documents can be also decrypted by recovery of encryption keys instead of password, and that type of attack gives a guaranteed result regardless of password length and complexity. Advanced Archive Password Recovery Added 2005-10-04 Advanced Archive Password Recovery is a program to recover lost or forgotten passwords for ZIP(PKZip/WinZip), ARJ/WinARJ, RAR/WinRAR and ACE/WinACE (1.x) archives. Supports the customizable "brute-force" attack, effectively optimized for speed (for traditional ZIP encryption, up to 15 million passwords per second on Pentium 4); dictionary-based attack, and very fast and effective known-plaintext attack. Supports strong WinZip encryption (AES). Multilangual interface is provided. Browse by category |
|
 Privacy Statement |
