This page contains various programs I used throughout the Winter 2013 semester at BYU while taking IT 566 – Cyber Forensics. Pages will include a source link, an overview of the software, and a brief T3CHKOMMIE review covering pros, cons, and caveats.

  1. Steganography with OpenPuff
  2. Autopsy 3.0.4 for Windows
  3. Network Miner
  4. TCPdStat
  5. Netcat: Unix, Linux, Windows command-line tool for passing forensic evidence from the victim machine to the forensics device for later analysis.
  6. Netstat (-an) (-ltp): Windows and Linux command-line tool for displaying TCP and UDP ports open, listening, or connected on the victim’s network stack and the processes owning the ports.
  7. Linux Bash command: lsof displays an amazing amount of important details on the file system.
  8. pstree: Linux command that displays a “family tree” of running processes and their children.

