enviroHash – A network utility to MD5 hash and catalog a running file system.

enviroHash is a network utility designed to be executed standalone or through remote management software. It uses fsum by Slavasoft to hash all accessible files within a scope that is defined through command line arguments. Uppon completion enviroHash will generate a .txt output file that contains a “hash”,”filename” pair delimited by commas. This file can then be imported into the enviroHashBrowser so that System Administrators can search a host or all hosts for particular filename or hash value, and compare one host to another to view similarities/differences.

This utility is being developed as a term project for our Computer System Forensics class at the Rochester Institute of Technology.


Download : enviroHashBrowser.zip (42.7 kB)
Find Other Version |
Read more in here :  http://sirjtaa.com/enviroHash

Advertisements

firefox-cache-forensics : Tools for forensic analysis of Firefox Cache

The goal of this project is to publish tools and discussion about forensic recovery of the firefox cache in order to contribute to the forensic community.

Although there are free tools to browse and recover Firefox cache out there, they (almost) all seem to be Windows-based GUI tools. Nothing against GUIs, but I needed source code in order to write a forensic timeline module for Kristinn Gudjonsson’s log2timeline utility (http://log2timeline.net/). I found there to be few sources of reliable information about the Firefox cache (other than the source code – but I was hoping for a cheat sheet). So I dug around and found a few sources, plus read Firefox code, until I understood how things work and could code against them.

I plan to publish tools and papers in this space to bring the Firefox cache structure into better public understanding and make tools available for re-use.
Documentation

Pages I’ve written to describe the Firefox cache and forensics issues to do with it.

Reading and Extracting the Firefox Cache – A general description of how to read and extract data from the Firefox Cache.

Firefox Cache Format – Detailed description of the Firefox cache format and structure.

Forensic Findings – Research results and forensic implications for the way Firefox handles its cache.
Tools

Currently this list is short:

ff_cache_find.pl – started as a proof-of-concept tool and morphed into something functional. Searches, displays and extracts Firefox cache entries and metadata from the command line.

ff_cache.pm – log2timeline module to integrate Firefox cache dates into the “super timeline” forensic tool.

Download right here : http://code.google.com/p/firefox-cache-forensics/downloads/list

zBrowser – Beta

zBrowser is a very basic browser whose feature list includes things like “History”, “Bookmarks” and “zLink” that is a page to see the most visited hosts. It does not have support for netscape plugins, so no flash support until Qt 4.5. But it is small, less then 10,000 lines of code,very fast, lean, mean and loads of fun to hack on. zBrowser is a release of Arora optimised for zeromus Operating System (zOS)


Features :

  • Omnibar
  • Tabbar
  • zLink
  • History manager
  • Download manager
  • Bookmark manager
  • Import/Export bookmarks
  • Private browsing
  • Adblock
  • ClickToFlash
  • Cookie manager

Download Latest Version : zBrowser 1.1.0 Installer.exe (16.5 MB)
Unix/Linux :  zbrowser-1.1.0.tar.gz (16.5 MB) 
Find Other Version |
Read more in here : http://sites.google.com/site/zeromusparadoxe01/zbrowser

Httest Tool

httest is a script based tool for testing and benchmarking web applications, web servers, proxy servers and web browsers. httest can emulate clients and servers in the same test script, very useful for testing proxys.

Platform : Windows, Linux & Mac Binaries

Features

  • HTTP server client simulation
  • SSL support
  • SOCKS support
  • Request/response validation
  • Cut and paste from request/response
  • Execute shell commands and use output in HTTP stream
  • Full ICAP support
  • IPv6 support
  • NTLM authentication tool
  • Simple SMTP support
  • Simple POP3 support
  • Lua support
  • Websocket support

ChangesLog For Current Version httest 2.1.18
*) httest: Bugfix possible coredumps at temp file clean up and _EXEC.

Download Latest Version 2.1.18 :

Windows : httest-2.1.18-win.zip (2.1 MB)
MacOS : httest-2.1.18-mac.zip (2.4 MB)
Linux : httest-2.1.18.tar.gz (515.5 KB)

Read User Guide | Find other Version

Or Read More In here : http://htt.sourceforge.net/cgi-bin/cwiki/bin/public

silvertunnel – Java lib+browser for TOR Beta

silvertunnel is a project that provides an end-user browser, a Java library and additional Java security tools to easily access anonymity networks such as the Tor (torproject.org) network. Secure and easy to use. Tor4Java and Tor Browser.

Platform : Windows, unix/Linux & Android

Features

  • easy to use Java library to access the Tor anonymity network (for Java developers)
  • simple to use web browser that always safely browses through the Tor anonymity network (for end users)

Download Latest version :

– silvertunnel.org_browser-0.13-beta_javawebstart.jnlp (1.1 kB)

Find other version | Read more in here : https://silvertunnel.org/

Mozilla Thunderbird 10.0.1 – Mozilla Thunderbird lets you receive, organize, and secure your email.

Thunderbird allows you to customize your email to suit your specific needs—whether it’s how you search and find messages, or listening to music right out of your inbox. Choose from the many options to help you be more productive, from the three layout views to the advanced mail filter capabilities. You can also choose from the many add-ons, adding tons more features to make Thunderbird even more powerful. Protecting your email is our top priority. Thunderbird keeps your email safely stored, protects you from phishing attacks and junk mail, and provides advanced features for email encryption.

WHAT’S New 10.0.1 :

Features

  • Message Tagging – Thunderbird 2 allows you to “tag” messages with descriptors such as “To Do” or “Done” or even create your own tags that are specific to your needs.
  • Improved Search – Thunderbird 2 features a new find bar that speeds up searches within displayed messages.
  • Advanced Folder Views – Thunderbird 2 offers a variety of ways for you to organize and display your folders, whether by favorites, recently viewed or folders containing unread messages.
  • Easy Access to Popular Web Mail Services – Thunderbird 2 makes it even easier to integrate and use various Web mail accounts from one inbox.
  • Your Mail, Your Way – Thunderbird users can increase Thunderbird’s functionality and appearance using hundreds of add-ons.
  • Cutting Out the Junk – Thunderbird’s popular junk mail tools have been updated to stay ahead of spam. Each email you receive passes through Thunderbird’s leading-edge junk mail filters.
  • Robust Privacy – Thunderbird 2 offers improved support for user privacy and remote image protection.
  • Phishing Protection – Thunderbird protects you from email scams which try to trick users into handing over personal and confidential information by indicating when a message is a potential phishing attempt.
  • Automated Update – Thunderbird’s update system checks to see if you’re running the latest version, and notifies you when a security update is available.

Download version :

Windows : Thunderbird Setup 10.0.1.exe (16.8 MB)
Mac OS : Thunderbird 10.0.1.dmg
Linux : thunderbird-10.0.1.tar.bz2

or read more in here : http://www.mozilla.org/en-US/thunderbird/