Archive for 'Forensics' Category

Gparted Live CD

GParted Live CD provides the ability to have Partition Magic-type control for free. You can manage and clone partitions, plus a whole lot more. The CD aims to be fast, small in size (~50 MB), and use minimal resources to get that disk partitioned the way you want it. GParted LiveCD uses Xorg, the lightweight Fluxbox window manager, and the latest 2.6 Linux kernel. The CD also offers the following programs: parted, fdisk, vi, ntfs-3g, partimage, testdisk, Terminal and Midnight Commander, as well as a tool to make screenshots. GParted LiveCD runs on most x86 machines with a Celeron 500 MHz or better.

Posted by Niranjan on May 18th, 2007 in Freeware, Linux/Unix, Tools, Forensics, Live CD

KNOPPIX

KNOPPIX is a bootable Live system on CD or DVD, consisting of a representative collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a productive Linux system for the desktop, educational CD, rescue system, or adapted and used as a platform for commercial software product demos. It is not necessary to install anything on a hard disk.

Posted by Niranjan on April 25th, 2007 in Freeware, Linux/Unix, Tools, Port Scanner, Forensics, Live CD

RootkitRevealer

RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. RootkitRevealer successfully detects all persistent rootkits published at www.rootkit.com, including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don’t attempt to hide their files or registry keys).

Posted by Niranjan on April 12th, 2007 in Freeware, Tools, Windows, vulnerability Scanner, Forensics

Fenris

Fenris is a multipurpose tracer, GUI debugger, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics - providing a structural program trace, interactive debugging capabilities, general information about internal constructions, execution path, memory operations, I/O, conditional expressions and much more.

Posted by Niranjan on March 29th, 2007 in Freeware, Linux/Unix, Tools, Disassembler, Forensics

Forensic Toolkit

The AccessData Forensic Toolkit® (FTK™) offers law enforcement and corporate security professionals the ability to perform complete and thorough computer forensic examinations. The FTK features powerful file filtering and search functionality. FTK’s customizable filters allow you to sort through thousands of files to quickly find the evidence you need. FTK is recognized as the leading forensic tool to perform email analysis.

Posted by Niranjan on March 24th, 2007 in Tools, Windows, Forensics

EnCase Forensic

EnCase Forensic is the industry standard in computer forensic investigation technology. With an intuitive GUI, superior analytics, enhanced email/Internet support and a powerful scripting engine, EnCase provides investigators with a single tool, capable of conducting large-scale and complex investigations from beginning to end. Law enforcement officers, government/corporate investigators and consultants around the world benefit from the power of EnCase Forensic in a way that far exceeds any other forensic solution. It is Windows software but can investigate and analyze multiple platforms: Windows, Linux, AIX, OS X, Solaris and more.

Posted by Niranjan on March 5th, 2007 in Linux/Unix, Tools, Windows, OSX, Forensics

Helix

Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized Linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics. Helix has been modified very carefully to NOT touch the host computer in any way and it is forensically sound. Helix will not auto mount swap space, or auto mount any attached devices. Helix also has a special Windows autorun side for Incident Response and Forensics.

Posted by Niranjan on February 17th, 2007 in Freeware, Linux/Unix, Tools, vulnerability Scanner, Forensics, Live CD

Rootkit Hunter

Rootkit Hunter is a scanning tool that checks for signs of various pieces of nasty software like rootkits, backdoors and local exploits on your Unix/Linux system. It runs many tests, including MD5 hash comparisons, default filenames used by rootkits, wrong file permissions for binaries, suspicious strings in LKM and KLD modules, hidden files and optional scans within plaintext and binary files.

Posted by Niranjan on January 9th, 2007 in Freeware, Linux/Unix, Tools, Network, IDS/IPS, vulnerability Scanner, Forensics

Chkrootkit

Chkrootkit is a very useful tool that can check for many signs of rootkit intrusion on Unix-based systems. It checks system binaries for rootkit modification and whether the interface is in promiscuous mode. Other useful features include checks for wtmp/wtmpx/utmp/lastlog modifications and deletion.

Posted by Niranjan on January 6th, 2007 in Freeware, Linux/Unix, Tools, OSX, Network, IDS/IPS, vulnerability Scanner, Forensics