Forensics Files ≈ Packet Storm
Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers
http://packetstormsecurity.org/
Mon, 28 May 2012 07:57:41 GMT

Mobius Forensic Toolkit 0.5.13
Thu, 24 May 2012 02:46:01 GMT
http://packetstormsecurity.org/files/113003/mobiusft-0.5.13.tar.gz
http://packetstormsecurity.org/files/113003/Mobius-Forensic-Toolkit-0.5.13.html
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Ransack Post Exploitation Tool
Thu, 03 May 2012 23:09:12 GMT
http://packetstormsecurity.org/files/112450/ransack.sh.txt
http://packetstormsecurity.org/files/112450/Ransack-Post-Exploitation-Tool.html
Ransack is a post exploitation shell script for penetration testers. Its purpose is to grab any information deemed relevant on a system, post root compromise. This information may include config files, ssh keys, ssl keys, or any other information deemed valuable.

Mobius Forensic Toolkit 0.5.12
Sat, 21 Apr 2012 00:22:35 GMT
http://packetstormsecurity.org/files/112063/mobiusft-0.5.12.tar.gz
http://packetstormsecurity.org/files/112063/Mobius-Forensic-Toolkit-0.5.12.html
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

RadioGraPhy Forensic Tool
Mon, 16 Apr 2012 16:55:55 GMT
http://packetstormsecurity.org/files/111907/RadioGraPhy.zip
http://packetstormsecurity.org/files/111907/RadioGraPhy-Forensic-Tool.html
Radiography is a forensic tool which grabs as much information as possible from a Windows system. It checks registry keys related to start up processes, registry keys with Internet Explorer settings, host file contents, taskScheduler tasks, loaded system drivers, uses WinUnhide to catch hidden processes, and does much more.

Codetective 0.7
Tue, 27 Mar 2012 12:12:12 GMT
http://packetstormsecurity.org/files/111198/codetective-0.7.tar.bz2
http://packetstormsecurity.org/files/111198/Codetective-0.7.html
Codetective is an analysis tool to determine the crypto/encoding algorithm used according to traces of its representation. It can be used as a standalone version or as a volatility plugin for memory analysis. Written in Python.

Xplico Network Forensic Analysis Tool 1.0.0
Sun, 26 Feb 2012 23:22:22 GMT
http://packetstormsecurity.org/files/110226/xplico-1.0.0.tgz
http://packetstormsecurity.org/files/110226/Xplico-Network-Forensic-Analysis-Tool-1.0.0.html
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Mobius Forensic Toolkit 0.5.11
Wed, 25 Jan 2012 23:24:54 GMT
http://packetstormsecurity.org/files/109100/mobiusft-0.5.11.tar.gz
http://packetstormsecurity.org/files/109100/Mobius-Forensic-Toolkit-0.5.11.html
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Xplico Network Forensic Analysis Tool 0.7.1
Mon, 16 Jan 2012 03:01:28 GMT
http://packetstormsecurity.org/files/108701/xplico-0.7.1.tgz
http://packetstormsecurity.org/files/108701/Xplico-Network-Forensic-Analysis-Tool-0.7.1.html
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Mobius Forensic Toolkit 0.5.10
Wed, 21 Dec 2011 21:59:23 GMT
http://packetstormsecurity.org/files/108081/mobiusft-0.5.10.tar.gz
http://packetstormsecurity.org/files/108081/Mobius-Forensic-Toolkit-0.5.10.html
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Xplico Network Forensic Analysis Tool 0.7.0
Mon, 07 Nov 2011 15:35:53 GMT
http://packetstormsecurity.org/files/106683/xplico-0.7.0.tgz
http://packetstormsecurity.org/files/106683/Xplico-Network-Forensic-Analysis-Tool-0.7.0.html
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Malware Analyser 3.3
Mon, 03 Oct 2011 23:33:33 GMT
http://packetstormsecurity.org/files/105506/malware_analyser-3.3.zip
http://packetstormsecurity.org/files/105506/Malware-Analyser-3.3.html
Malware Analyser is a freeware tool to perform static and dynamic analysis on malware.

Mobius Forensic Toolkit 0.5.9
Tue, 30 Aug 2011 02:03:44 GMT
http://packetstormsecurity.org/files/104578/mobiusft-0.5.9.tar.gz
http://packetstormsecurity.org/files/104578/Mobius-Forensic-Toolkit-0.5.9.html
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Malheur Malware Analyzer 0.5.2
Tue, 30 Aug 2011 02:03:16 GMT
http://packetstormsecurity.org/files/104577/malheur-0.5.2.tar.gz
http://packetstormsecurity.org/files/104577/Malheur-Malware-Analyzer-0.5.2.html
Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Malheur Malware Analyzer 0.5.1
Thu, 25 Aug 2011 00:39:38 GMT
http://packetstormsecurity.org/files/104436/malheur-0.5.1.tar.gz
http://packetstormsecurity.org/files/104436/Malheur-Malware-Analyzer-0.5.1.html
Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Malware Analyser 3.2
Sat, 16 Jul 2011 15:25:23 GMT
http://packetstormsecurity.org/files/103104/malware_analyser-3.2.zip
http://packetstormsecurity.org/files/103104/Malware-Analyser-3.2.html
Malware Analyser is a freeware tool to perform static and dynamic analysis on malware.

Mobius Forensic Toolkit 0.5.8
Fri, 24 Jun 2011 09:17:25 GMT
http://packetstormsecurity.org/files/102554/mobiusft-0.5.8.tar.gz
http://packetstormsecurity.org/files/102554/Mobius-Forensic-Toolkit-0.5.8.html
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Malware Analyser 3.1
Sun, 12 Jun 2011 18:40:40 GMT
http://packetstormsecurity.org/files/102200/malware_analyser-3.1.zip
http://packetstormsecurity.org/files/102200/Malware-Analyser-3.1.html
Malware Analyser is a freeware tool to perform static and dynamic analysis on malware.

Xplico Network Forensic Analysis Tool 0.6.3
Tue, 07 Jun 2011 01:41:45 GMT
http://packetstormsecurity.org/files/102039/xplico-0.6.3.tgz
http://packetstormsecurity.org/files/102039/Xplico-Network-Forensic-Analysis-Tool-0.6.3.html
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Digital Forensics Framework 1.1.0
Wed, 25 May 2011 06:25:41 GMT
http://packetstormsecurity.org/files/101678/dff-src-1.1.0.tar.gz
http://packetstormsecurity.org/files/101678/Digital-Forensics-Framework-1.1.0.html
DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics work, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.

Peepdf PDF Analyzer 0.1
Tue, 10 May 2011 00:50:57 GMT
http://packetstormsecurity.org/files/101260/peepdf-0.1.zip
http://packetstormsecurity.org/files/101260/Peepdf-PDF-Analyzer-0.1.html
peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to perform all the tasks. With peepdf it's possible to see all the objects in the document, showing the suspicious elements. It supports all the most used filters and encodings, and it can parse different versions of a file, object streams and encrypted files. With the installation of Spidermonkey and Libemu it provides Javascript and shellcode analysis wrappers too. It's also able to create new PDF files and to modify existing ones.

Xplico Network Forensic Analysis Tool 0.6.2
Tue, 03 May 2011 14:23:11 GMT
http://packetstormsecurity.org/files/101076/xplico-0.6.2.tgz
http://packetstormsecurity.org/files/101076/Xplico-Network-Forensic-Analysis-Tool-0.6.2.html
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Malware Analyser 3.0
Thu, 21 Apr 2011 01:38:40 GMT
http://packetstormsecurity.org/files/100643/malware_analyser-3.0.zip
http://packetstormsecurity.org/files/100643/Malware-Analyser-3.0.html
Malware Analyser is a freeware tool to perform static and dynamic analysis on malware.

Malheur Malware Analyzer 0.5.0
Wed, 20 Apr 2011 01:58:33 GMT
http://packetstormsecurity.org/files/100600/malheur-0.5.0.tar.gz
http://packetstormsecurity.org/files/100600/Malheur-Malware-Analyzer-0.5.0.html
Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Mobius Forensic Toolkit 0.5.7
Mon, 28 Feb 2011 16:53:51 GMT
http://packetstormsecurity.org/files/98775/mobiusft-0.5.7.tar.gz
http://packetstormsecurity.org/files/98775/Mobius-Forensic-Toolkit-0.5.7.html
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Mobius Forensic Toolkit 0.5.6.1
Wed, 19 Jan 2011 16:02:45 GMT
http://packetstormsecurity.org/files/97649/mobiusft-0.5.6.1.tar.gz
http://packetstormsecurity.org/files/97649/Mobius-Forensic-Toolkit-0.5.6.1.html
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.