|
(Page 1 of 6) 1 2 3 4 5 6 Next > Category: Auditing » Forensics PacketFence Added 2009-07-20 PacketFence is a fully supported, Free and Open Source network access control (NAC) system. PacketFence is actively maintained and has been deployed in numerous large-scale institutions over the past years. It can be used to effectively secure networks - from small to very large heterogeneous networks. PacketFence has been deployed in production environments where thousands of users are involved. Among the different markets are : * banks * colleges and universities * engineering companies * manufacturing businesses * school boards (K-12) ... and many more! Released under the GPL, PacketFence offers an impressive amount of features. NetworkMiner Added 2009-05-21 NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows that can detect the OS, hostname and open ports of network hosts through packet sniffing or by parsing a PCAP file. NetworkMiner can also extract transmitted files from network traffic. CUPP Added 2009-03-24 CUPP is a Common User Passwords Profiler. The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternate values. A weak password might be very short or only use alphanumberic characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password. That is why CUPP was born, and it can be used in situations like legal penetration tests or forensic crime investigations. LogManager Added 2008-08-20 LogManager is a self running appliance that collects and stores the massive amounts of log data generated from applications and network devices found in large enterprise-class infrastructures. It provides a quick and cost-effective solution for organizations trying to achieve regulatory compliance today while enabling a simple upgrade to full-featured Event Management functionality tomorrow. DAVIX Added 2008-08-17 DAVIX - the Data Analysis & Visualization Linux® - brings the most important tools for data processing and visualization to your desk. This solution allows you to get started with security visualization without cumbersome compiling and installing tools. The DAVIX CD is based on SLAX 6.0 and follows a modularized approach. Thus, the SLAX ISO image can easily be customized for various purposes. It can even be installed on USB sticks and provide you with mobile analysis capabilities. The CD is shipped with a comprehensive manual that gives you a quick start for all tools and provides information on how-to tailor DAVIX to your needs. All tools are accessible through the KDE start menu and are accompanied with links to external manuals and tutorials. CryptoSearch Added 2006-08-08 LINReS Added 2006-08-07 LINReS is a Live Response script designed to run on suspect/compromised Linux systems system with a minimal impact on the system to satisfy various forensic standards requirements. This script has been tested successfully on RedHat Enterprise Linux systems. LINReS consists of mostly statically compiled binaries and includes the various shared libraries that may be required to run the binaries (which are not statically compiled). All in all, no binary from the compromised system is used by this tool which mitigates the risk of collecting information on a trojaned system. Log 2 Google Earth Added 2006-07-26 Visualize any logfile (firewall / apache you name it) in near realtime on Google Earth. See where you traffic is coming and going to. OmniPeek Personal Added 2006-06-21 OmniPeek Personal is a free version of the commercial protocol analyzer AiroPeek and EtherPeek, with support for both wired and wireless (802.11) traffic. Additional plug-ins may also be downloaded, such as: a Google Maps plugin which plots the location of an IP in Google Maps, a SQLite plug-in which can store packets in SQLite files so they can be searched with SQL queries, and a Remote TCPDump plug-in which can securely (SSH) connect to any Unix or Linux computer (e.g. Check Point's FireWall-1) and stream the packets back into OmniPeek for analysis -- all with out having to install any software on the remote end. Belkasoft Forensic IM Extractor Added 2006-06-12 This tool for e-crime/forensic professionals eases their work on analysing Internet Messengers histories. No password required. Supports various IMs: ICQ versions 99a up to ICQ5, MSN Messenger, Yahoo! Messenger, &RQ, Miranda. Supports deep ICQ analysis using different methods (with and without usage of index file) that allows user to extract even deleted and overwritten messages. The latter ability is indispensable for e-crime professionals. A number of different options available like filtering messages by time, sent/received type, user; ability to convert history to ICQ5 format; multibyte codepages are supported. More info at http://belkasoft.com. Browse by category |
|
|
Privacy Statement |
