Forensic Tools Part-2

By Anonymous -
NetSleuth Its identifies and fingerprints network devices by silent network monitoring or by processing data from PCAP files.

NetSleuth is an opensource network forensics and analysis tool, designed for triage in incident response situations. It can identify and fingerprint network hosts and devices from pcap files captured from Ethernet or WiFi data (from tools like Kismet).  It is a free network monitoring, cyber security and network forensics analysis (NFAT) tool

PhotobucketDownload


Bug TraQ




Bugtraq system offers the most comprehensive distribution, optimal, stable and automatic security to date. Bugtraq is a distribution based on the 2.6.38 kernel has a wide range of penetration and forensic tools. Bugtraq can be installed from a Live DVD or USB drive, the distribution is customized to the last package, configured and updated the kernel. The kernel has been patched for better performance to recognize a variety of hardware, including wireless injection patches pentesting that other distributions do not recognize.

Features:
  • Patching the kernel 2.6.38 to recognize 4 gigs of RAM in 32-bit.
  •  Tools perfectly configured, automated installation scripts and tools like Nessus, OpenVAS, Greenbone, Nod32, Hashcat, Avira, BitDefender, ClamAV, Avast, AVG, etc...
  • Unique Scripts from Bugtraq-Team (SVN updates tools, delete tracks, backdoors, Spyder-sql, etc.

PhotobucketDownload

Hex Workshop


The Hex Workshop Hex Editor is a set of hexadecimal development tools for Microsoft
Windows, combining advanced binary editing with the ease and flexibility of a word processor. With Hex Workshop you can
Edit, cut, copy, paste, insert, and delete of Hex Script.
Hex values can be grouped by 1, 2, 4, 8 or 16 bytes.
Search using Hex Strings (including wildcards).
Find and replace by Hex Strings, Text, Strings or values.
Sector edit partitions or physical disks.
Checksum either entire document or a selection.
Arithmetic operations: +, -, *, /, %, ().
C/C++ Plug-in API.
Hex/Decimal calculator supporting: +,-,*,/,|,&,^,<<,>>, ~


PhotobucketDownload

Helix

Helix is more on the forensics and incident response side than the networking or pen-testing side. Still a very useful tool to carry.

Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics.

PhotobucketDownload

Hiren’s BootCD 14.1

All in One Bootable CD which has all utilities..


PhotobucketDownload

Comments

Post a Comment

Popular posts from this blog

HOW TO CREATE A TRUECRYPT ENCRYPTED EXTERNAL STORAGE DRIVE USB OR ESATA

By -
Image
Many users end up using external removable media for their server’s important data. Oftentimes this can be done as part of a manual off-site backup process for important data or simply when moving sensitive data off of a server, for example with employee records, company records, litigation files, and mergers and acquisitions related documents that need to be used on a notebook without network access. I have used the TrueCrypt benchmark in many reviews including the new Xeon E3-1280, Xeon E3-1220, E3-1230, dual E5606, and W3550 CPUs, as well as the Sandy Bridge i7-2600K and i5-2500K pieces over the past few weeks. TrueCrypt is one of those awesome open source utilities that can help secure data. One will notice that the 32nm Intel parts have AES-NI and absolutely fly when doing encoding. For most external media, the 32nm parts can encrypt data at a rate many times the media rate which may make the speed seem excessive. However, TrueCrypt can be used on system disks and RAID arrays al...
Read more

Activate Windows Server 2012 Evaluation to Full Version

By -
Image
After installing and configuring  Server 2012  as evaluation mode, it is often a requirement to upgrade it to full retail version. In this post, I will show steps to activate Windows Server 2012 Evaluation to full version.  DISM (Deployment Image Servicing and Management Tool)  command line tool will be used to perform the upgrade of server from evaluation to full version. For Windows Server 2012 Standard, you can the system to Windows Server 2012 Datacenter as follows: From an elevated command prompt, determine the current edition name with the command  DISM /online /Get-CurrentEdition . Make note of the edition ID, an abbreviated form of the edition name. Then run  DISM /online /Set-Edition:<edition ID> /ProductKey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX /AcceptEula , providing the edition ID and a retail product key.   And press  Enter  :     Press  Y  and the server will restart twice. When yo...
Read more

How to Install and Configure WDS Server In Windows Server 2012 R2

By -
Image
Windows Deployment Services Getting Started Guide for Windows Server 2012 How to Install and Configure  WDS  in Windows Server 2012 R2 is a step by step guide to  Windows Deployment Services . Windows Deployment Services is a Microsoft server technology for network-based installation of Windows operating systems and It is the successor to Remote Installation Services of Server 2003. In Windows Server 2012 R2, the following requirements needed for installing Windows Deployment Services role, depending on whether you choose the default installation (both Deployment Server and Transport Server), or only the Transport Server role service. WDS Prerequisites The Windows Deployment Services server must be a member of an Active Directory Domain Services ( AD DS ) domain or a domain controller. You may need to ‘ Install Active Directory in Windows Server 2012 R2 ‘. The Domain Name System ( DNS ) server on the network before you can run Windows Deploym...
Read more