Security Tools News & Tips » Forensics

Juniper Networks IDP Series

Niranjan — Fri, 28 Aug 2009 16:00:51 +0000

Juniper Networks IDP Series Intrusion Detection and Prevention Appliances offer the latest capabilities in network intrusion prevention to protect the network from a wide range of attacks. Using industry-recognized stateful detection and prevention techniques, the IDP Series provides zero-day protection against worms, trojans, spyware, keyloggers, and other malware.

Juniper Networks IDP Series Homepage

HttpWatch

Niranjan — Tue, 25 Aug 2009 17:00:01 +0000

HttpWatch is an HTTP viewer and debugger that integrates with IE and Firefox to provide seamless HTTP and HTTPS monitoring without leaving the browser window. All web applications make extensive use of the HTTP protocol (or HTTPS for secure sites). Even simple web pages require the use of multiple HTTP requests to download HTML, graphics and javascript. The ability to view the HTTP interaction between the browser and web site is crucial to these areas of web development:
• Trouble shooting
• Performance tuning
• Verifying that a site is secure and does not expose sensitive information
HttpWatch has a free basic edition and a professional edition – pricing from $395.

HttpWatch Homepage

Wireshark

Niranjan — Thu, 20 Aug 2009 22:33:52 +0000

Wireshark is the world’s foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998. It started as Ethereal but was later re-branded as Wireshark due to trademark issues.

Wireshark Homepage

Gparted Live CD

Niranjan — Fri, 18 May 2007 01:44:41 +0000

Gparted Live CD provides the ability to have Partition Magic-type control for free. You can manage and clone partitions, plus a whole lot more. . The CD aims to be fast, small in size (~50mb), and use minimal resources to get that disk partitioned the way you want it. GParted LiveCD uses Xorg, the lightweight Fluxbox window manager, and the latest 2.6 Linux Kernel. The CD also offers the following programs: parted and fdisk vi, ntfs-3g, partimage, testdisk, Terminal and Midnight Commander. And also tool to make screenshots. GParted LiveCD runs on most x86 machines with a celeron 500mhz or better.

Homepage

Screenshots

KNOPPIX

Niranjan — Wed, 25 Apr 2007 02:20:57 +0000

KNOPPIX is a bootable Live system on CD or DVD, consisting of a representative collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a productive Linux system for the desktop, educational CD, rescue system, or adapted and used as a platform for commercial software product demos. It is not necessary to install anything on a hard disk.

Homepage

RootkitRevealer

Niranjan — Thu, 12 Apr 2007 05:48:59 +0000

RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. RootkitRevealer successfully detects all persistent rootkits published at www.rootkit.com, including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don’t attempt to hide their files or registry keys).

Homepage

Screenshot

Fenris

Niranjan — Thu, 29 Mar 2007 09:23:39 +0000

Fenris is a multipurpose tracer, GUI debugger, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics – providing a structural program trace, interactive debugging capabilities, general information about internal constructions, execution path, memory operations, I/O, conditional expressions and much more.

Homepage

Forensic Toolkit

Niranjan — Sat, 24 Mar 2007 03:24:47 +0000

The AccessData Forensic Toolkit® (FTK™) offers law enforcement and corporate security professionals the ability to perform complete and thorough computer forensic examinations. The FTK features powerful file filtering and search functionality. FTK’s customizable filters allow you to sort through thousands of files to quickly find the evidence you need. FTK is recognized as the leading forensic tool to perform email analysis.

Homepage

EnCase Forensic

Niranjan — Mon, 05 Mar 2007 04:21:04 +0000

EnCase Forensic is the industry standard in computer forensic investigation technology. With an intuitive GUI, superior analytics, enhanced email/Internet support and a powerful scripting engine, EnCase provides investigators with a single tool, capable of conducting large-scale and complex investigations from beginning to end. Law enforcement officers, government/corporate investigators and consultants around the world benefit from the power of EnCase Forensic in a way that far exceeds any other forensic solution. It’s a windows software but can investigate and analyze multiple platforms — Windows, Linux, AIX, OS X, Solaris and more.

Homepage

Screenshots

Helix

Niranjan — Sat, 17 Feb 2007 01:08:23 +0000

Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics. Helix has been modified very carefully to NOT touch the host computer in any way and it is forensically sound. Helix wil not auto mount swap space, or auto mount any attached devices. Helix also has a special Windows autorun side for Incident Response and Forensics.

Homepage