693 matches found
AOL Breached, Investigating Spam from Spoofed Accounts
AOL reported today that it has been breached and urges users of its web-based email and other online services to change their passwords. AOL’s investigation of a breach of its internal network and systems is under way with the help of federal authorities and a forensics firm, the company said. La...
Heartbleed OpenSSL Information Leak Proof Of Concept
/ CVE-2014-0160 heartbleed OpenSSL information leak exploit ========================================================= This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leaked information is returned within encrypted SSL packets and is then decrypted...
WhatsApp Flaw leaves User Location Vulnerable to Hackers and Spy Agencies
If you are using WhatsApp to chit-chat with your friends or relatives, then you should be careful about sharing your location with them using WhatsApp ‘Location Share’ feature. No doubt, WhatsApp communication between your phone and company’s server is now encrypted with SSL, which means whatever...
Passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup
A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring NSM and general digital forensics. PassiveDNS sniffes traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate DNS answers...
[Argus] Real Time Flow Monitor
Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitte...
[SSLsplit] Transparent and scalable SSL/TLS interception
SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original...
Gap Widens Between Attackers, BIOS Forensics, Research
Vendors have made important strides in locking down operating systems, patching memory-related vulnerabilities and other bugs that could lead to remote code execution or give hackers a stealthy presence on a machine. As the hurdles get higher for the bad guys, the better ones will certainly look...
[Pac4Mac] Forensics Framework for Mac OS X
Pac4Mac Plug And Check for Mac OS X is a portable Forensics framework to launch from USB storage allowing extraction and analysis session informations in highlighting the real risks in term of information leak history, passwords, technical secrets, business secrets, .... Pac4Mac can be used to...
[Rekall] Memory Forensics Analysis Framework
The Rekall Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques are performed completely independent of the system being investigated but...
[Autopsy] Digital Investigation Analysis
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory...
[IPhone Analyzer] IPhone Forensics Tool
iPhone Analzyer allows you to forensically examine or recover date from in iOS device. It principally works by importing backups produced by iTunes or third party software, and providing you with a rich interface to explore, analyse and recover data in human readable formats. Because it works fro...
[The Sleuth Kit] Library and collection of command line tools to investigate disk images
The Sleuth Kit is a C++ library and collection of open source file system forensics tools that allow you to, among other things, view allocated and deleted data from NTFS, FAT, FFS, EXT2, Ext3, HFS+, and ISO9660 images. The Sleuth Kit® TSK is a library and collection of command line tools that...
Detecting and Preventing Compromises in Retail Payment Systems
Information Weeks Matthew Swartz published an article on the recently- confirmed payment card breaches at Target, Nieman Marcus and three other unnamed retailers. This article and many others reveal that these attacks involve sophisticated malware and some even suggest it is the work of the same...
[Lynis v1.3.8] The Unix/Linux Hardening tool
Lynis is a security tool to audit and harden Unix and Linux based systems. It scans the system by performing many security control checks, looks for installed software and determines compliance to standards. Also will it detects security issues and errors in configuration. At the end of the scan ...
Encrypted PINs Stolen in Target Data Breach
Target confirmed this morning that encrypted PIN data was stolen in the Black Friday data breach that exposed 40 million accounts to fraud. Spokesperson Molly Snyder said the ongoing forensics investigation confirmed that PIN data was accessed as well, contrary to previous claims made by the reta...
[Bugtroid] Pentesting for Android
Bugtroid is an innovative tool developed by the team of Bugtraq-Team. The main features of this apk, is that it has more than 200 Android and Linux tools PRO for pentesting and forensics through its Smarthphone or tablet. It has a menu categorized according to the nature of the tool may find:...
Target Corp. Suffers Black Friday Data Breach
UPDATE – TJX and Heartland Payment Systems may soon have company atop the list of the worst retail data breaches in U.S. history after reports surfaced that Target Corp. was breached around Black Friday and millions of credit and debit cards were stolen. Target confirmed the breach this morning a...
[Volatility v2.3] The advanced memory forensics framework (Support of OSX)
The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques are performed completely independent of the system being investigated...
Microsoft Changes Bug Bounty Program to Include Incident Responders, Forensics Specialists
Having found some initial success with its first foray into the bug bounty world, Microsoft is expanding the program to open up payments of up to $100,000 to incident response teams and forensics experts who come across active attacks in the wild that include new techniques that bypass exploit...
[Ghiro v0.1] Digital Image Forensic Analyzer
Sometime forensic investigators need to process digital images as evidence. There are some tools around, otherwise it is difficult to deal with forensic analysis with lot of images involved. Images contain tons of information, Ghiro extracts these information from provided images and display them...