Definition of Forensic Tools
Forensic tools are tools used in the process of investigating data processing equipment-- typically a home computer, laptop, server, or office workstation-- to determine if the equipment has been used for illegal, unauthorized, or unusual activities.
|
|
Forensic Tools
|
|
Add_recl
The Add_recl program is designed to help reformat (variable length) carriage return delimited records.
Read the Article
|
Administrator's Pak
Administrator's Pak is a complete suite of powerful, versatile tools that allow you to repair unbootable or locked-out systems, restore lost data, remove malware from infected systems while the system is safely offline using your existing antivirus software, and diagnose system and network issues.
Read the Article
|
Afick
Afick is a security tool, very close from the well known tripwire. It allows to monitor the changes on your files systems, and so can detect intrusions.
Read the Article
|
AIM Password Decoder
During a forensic examination - you may find it necessary to identify as many passwords used by the suspect as possible. This may be to assist with the decryption of other encrypted data or to link the suspect with the computer, etc. This utility will decrypt AOL Instant Messenger Passwords.
Read the Article
|
Autoruns
This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys. You can configure Autoruns to show other locations, including Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and much more. Autoruns goes way beyond the MSConfig utility bundled with Windows Me and XP.
Read the Article
|
Autostart Viewer
Autostart Viewer allows you to see every autostart on your system, all on the one screen. In addition, it gives you complete control over the autostart references, and allows you to modify or delete them at will.
Read the Article
|
Bates_no
Bates_no is a program which helps attorneys(or anyone using the Bates numbering system) to identify e-documents. While many programs can be used for Bates stamping individual pages in e-documents, few will assign Bates numbers to the filenames. Bates_no will. This feature is useful in identifying files for discovery and evidentiary purposes as well as for records management. The program was developed at the request of an attorney specializing in forensic processing of computer data and designed with his assistance.
Read the Article
|
BIEW
BIEW is multiplatform portable viewer of binary files with built-in editor in binary, hexadecimal and disassembler modes. It uses native Intel syntax for disassemble. Highlight AVR/Java/Athlon64/Pentium 4/K7-Athlon disassembler, russian codepages convertor, full preview of formats - MZ, NE, PE, NLM, coff32, elf partial - a.out, LE, LX, PharLap; code navigator and more over.
Read the Article
|
BinText
A small, very fast and powerful text extractor that will be of particular interest to programmers. It can extract text from any kind of file and includes the ability to find plain ASCII text, Unicode (double byte ANSI) text and Resource strings, providing useful information for each item in the optional "advanced" view mode. Its comprehensive filtering helps prevent unwanted text being listed. The gathered list can be searched and saved to a separate file as either a plain text file or in informative tabular format.
Read the Article
|
Boot.com
This program is a small 5 byte com file that will reboot the system. It is used when running batch files that may need to have an unattended reboot of the system. The boot.com program will do a cold boot on most systems. However, on some 486's it appears to do a warm boot. This program only runs as a DOS program.
Read the Article
|
|
|
Page: 1 2 3 4 5
Members currently browsing this category:
|
|
