mirror of https://github.com/byReqz/blackmate.git synced 2024-11-01 11:33:13 +00:00
blackmate/categories/forensic
2016-06-25 21:58:53 +08:00

aesfix|1.0.1|A tool to find AES key in RAM|http://citp.princeton.edu/memory/code/
aeskeyfind|1.0|A tool to find AES key in RAM|http://citp.princeton.edu/memory/code/
afflib|3.7.4|An extensible open format for the storage of disk images and related forensic information.|http://www.afflib.org
aimage|3.2.5|A program to create aff-images.|http://www.afflib.org
air|2.0.0|A GUI front-end to dd/dc3dd designed for easily creating forensic images.|http://air-imager.sourceforge.net/
autopsy|2.24|A GUI for The Sleuth Kit.|http://www.sleuthkit.org/autopsy
bmap-tools|3.2|Tool for copying largely sparse files using information from a block map file.|http://git.infradead.org/users/dedekind/bmap-tools.git
bulk-extractor|1.5.5|Bulk Email and URL extraction tool.|https://github.com/simsong/bulk_extractor
canari|1.1|A transform framework for Maltego|http://www.canariproject.com/
captipper|66.98d63eb|Malicious HTTP traffic explorer tool.|http://www.omriher.com/2015/01/captipper-malicious-http-traffic.html
casefile|1.0.1|The little brother to Maltego without transforms, but combines graph and link analysis to examine links between manually added data to mind map your information|http://www.paterva.com/web6/products/casefile.php
chaosmap|1.3|An information gathering tool and dns / whois / web server scanner|http://freecode.com/projects/chaosmap
chntpw|140201|Offline NT Password Editor - reset passwords in a Windows NT SAM user database file|http://pogostick.net/~pnh/ntpasswd/
chromefreak|24.12745b1|A Cross-Platform Forensic Framework for Google Chrome|http://osandamalith.github.io/ChromeFreak/
dc3dd|7.2.641|A patched version of dd that includes a number of features useful for computer forensics.|http://sourceforge.net/projects/dc3dd
dcfldd|1.3.4.1|DCFL (DoD Computer Forensics Lab) dd replacement with hashing|http://dcfldd.sourceforge.net/
ddrescue|1.21|GNU data recovery tool|http://www.gnu.org/software/ddrescue/ddrescue.html
dumpzilla|03152013|A forensic tool for Firefox.|http://www.dumpzilla.org/
eindeutig|20050628_1|Examine the contents of Outlook Express DBX email repository files (forensic purposes)|http://www.jonesdykstra.com/
exiv2|0.25|Exif, Iptc and XMP metadata manipulation library and tools|http://exiv2.org
extundelete|0.2.4|Utility for recovering deleted files from ext2, ext3 or ext4 partitions by parsing the journal|http://extundelete.sourceforge.net
foremost|1.5.7|A console program to recover files based on their headers, footers, and internal data structures|http://foremost.sourceforge.net/
galleta|20040505_1|Examine the contents of the IE's cookie files for forensic purposes|http://www.jonesdykstra.com/
grokevt|0.5.0|A collection of scripts built for reading Windows® NT/2K/XP/2K eventlog files.|http://code.google.com/p/grokevt/
guymager|0.8.1|A forensic imager for media acquisition.|http://guymager.sourceforge.net/
hashdeep|4.4|Advanced checksum hashing tool.|http://md5deep.sourceforge.net/
indxparse|166.14839a6|A Tool suite for inspecting NTFS artifacts.|http://www.williballenthin.com/forensics/mft/indxparse/
interrogate|0.0.4|A proof-of-concept tool for identification of cryptographic keys in binary material (regardless of target operating system), first and foremost for memory dump analysis and forensic usage.|https://github.com/carmaa/interrogate
iosforensic|1.0|iOS forensic tool https://www.owasp.org/index.php/Projects/OWASP_iOSForensic|https://github.com/Flo354/iOSForensic
ipba2|032013|iOS Backup Analyzer|http://www.ipbackupanalyzer.com/
iphoneanalyzer|2.1.0|Allows you to forensically examine or recover data from an iOS device.|http://www.crypticbit.com/zen/products/iphoneanalyzer
mac-robber|1.02|A digital investigation tool that collects data from allocated files in a mounted file system.|http://www.sleuthkit.org/mac-robber/download.php
magicrescue|1.1.9|Find and recover deleted files on block devices|http://freshmeat.net/projects/magicrescue/
make-pdf|0.1.6|This tool will embed javascript inside a PDF document.|http://blog.didierstevens.com/programs/pdf-tools/
malheur|0.5.4|A tool for the automatic analysis of malware behavior.|http://www.mlsec.org/malheur/
maltego|3.6.0.6640|An open source intelligence and forensics application, enabling to easily gather information about DNS, domains, IP addresses, websites, persons, etc.|http://www.paterva.com/web5
malwaredetect|0.1|Submits a file's SHA1 sum to VirusTotal to determine whether it is a known piece of malware|http://www.virustotal.com
mboxgrep|0.7.9|A small, non-interactive utility that scans mail folders for messages matching regular expressions. It does matching against basic and extended POSIX regular expressions, and reads and writes a variety of mailbox formats.|http://mboxgrep.sourceforge.net
mdbtools|0.7.1|Utilities for viewing data and exporting schema from Microsoft Access Database files|http://sourceforge.net/projects/mdbtools/
memdump|1.01|Dumps system memory to stdout, skipping over holes in memory maps.|http://www.porcupine.org/forensics/tct.html
memfetch|0.05b|Dumps any userspace process memory without affecting its execution.|http://lcamtuf.coredump.cx/
mobiusft|0.5.21|An open-source forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions.|http://savannah.nongnu.org/projects/mobiusft
mp3nema|0.4|A tool aimed at analyzing and capturing data that is hidden between frames in an MP3 file or stream, otherwise noted as "out of band" data.|http://packetstormsecurity.com/files/76432/MP3nema-Forensic-Analysis-Tool.html
nfex|2.5|A tool for extracting files from the network in real-time or post-capture from an offline tcpdump pcap savefile.|https://code.google.com/p/nfex/
pasco|20040505_1|Examines the contents of Internet Explorer's cache files for forensic purposes|http://www.jonesdykstra.com/
pdf-parser|0.6.4|Parses a PDF document to identify the fundamental elements used in the analyzed file.|http://blog.didierstevens.com/programs/pdf-tools/
pdfbook-analyzer|2|Utility for Facebook memory forensics.|http://sourceforge.net/projects/pdfbook/
pdfid|0.2.1|Scan a file to look for certain PDF keywords.|http://blog.didierstevens.com/programs/pdf-tools/
pdfresurrect|0.12|A tool aimed at analyzing PDF documents.|http://packetstormsecurity.com/files/118459/PDFResurrect-PDF-Analyzer.12.html
peepdf|0.3|A Python tool to explore PDF files in order to find out if the file can be harmful or not|http://eternal-todo.com/tools/peepdf-pdf-analysis-tool
pev|0.70|Command line based tool for PE32/PE32+ file analysis.|http://pev.sourceforge.net/
recoverjpeg|2.6|Recover jpegs from damaged devices.|http://www.rfc1149.net/devel/recoverjpeg
reglookup|1.0.1|Command line utility for reading and querying Windows NT registries|http://projects.sentinelchicken.org/reglookup
replayproxy|1.1|Forensic tool to replay web-based attacks (and also general HTTP traffic) that were captured in a pcap file.|https://code.google.com/p/replayproxy/
rifiuti2|0.6.1|A rewrite of rifiuti, a great tool from Foundstone folks for analyzing Windows Recycle Bin INFO2 file.|https://code.google.com/p/rifiuti2/
rkhunter|1.4.2|Checks machines for the presence of rootkits and other unwanted tools.|http://rkhunter.sourceforge.net/
safecopy|1.7|A disk data recovery tool to extract data from damaged media.|http://safecopy.sourceforge.net/
scalpel|2.0|A frugal, high performance file carver|http://www.digitalforensicssolutions.com/Scalpel/
scrounge-ntfs|0.9|Data recovery program for NTFS file systems|http://memberwebs.com/stef/software/scrounge/
skypefreak|33.9347a65|A Cross Platform Forensic Framework for Skype.|http://osandamalith.github.io/SkypeFreak/
sleuthkit|4.2.0|File system and media management forensic analysis tools|http://www.sleuthkit.org/sleuthkit
tekdefense-automater|88.42548cf|IP URL and MD5 OSINT Analysis|https://github.com/1aN0rmus/TekDefense-Automater
trid|2.20|A utility designed to identify file types from their binary signatures.|http://mark0.net/soft-trid-e.html
unhide|20130526|A forensic tool to find processes hidden by rootkits, LKMs or by other techniques.|http://sourceforge.net/projects/unhide/
vinetto|0.07beta|A forensics tool to examine Thumbs.db files|http://vinetto.sourceforge.net
xplico|33.0f6d8bc|Internet Traffic Decoder. Network Forensic Analysis Tool (NFAT).|http://www.xplico.org/