Category Archives: Forensics
Hindsight – Web browser Forensics for Google Chrome
Hindsight is a free tool for analyzing web artifacts. It started with the browsing history of the Google Chrome web browser
PEview – Tool to Investigate PE Files
PEview provides a quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files.
Yeti – Your Everyday Threat Intelligence
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. The platform will also automatically enrich observables (e.g. resolve domains, geolocate IPs) so that you don’t have to. Yeti
LogonTracer – Investigate Malicious Logon Using Event Logs
LogonTracer is a tool to investigate malicious logons by visualizing and analyzing Windows Active Directory event logs. This tool associates the host name (or IP address) and account name found in logon-related events and displays them as a graph.
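The host/account association described above can be reproduced with a few lines of Python. The block below is an added illustration, not LogonTracer's own code: it assumes already-parsed Security log records with the usual 4624/4625 fields (TargetUserName, IpAddress, WorkstationName, LogonType), and the event rows are constructed sample data. It builds the host-to-account edges, ranks accounts by how many distinct hosts they touched (the usual lateral-movement pivot), and emits the graph as Graphviz DOT text.

```python
"""Host/account association graph from Windows logon events.

Added example, not LogonTracer's own code. Assumes records shaped like
parsed Security events (4624 success, 4625 failure); sample data below
is constructed, not taken from a real system.
"""
from collections import defaultdict

# Constructed sample events (dicts standing in for parsed EVTX records).
SAMPLE_EVENTS = [
    {"EventID": 4624, "TargetUserName": "alice", "IpAddress": "10.0.0.5", "WorkstationName": "WS01", "LogonType": 3},
    {"EventID": 4624, "TargetUserName": "alice", "IpAddress": "10.0.0.5", "WorkstationName": "WS01", "LogonType": 3},
    {"EventID": 4624, "TargetUserName": "alice", "IpAddress": "-", "WorkstationName": "ws03", "LogonType": 2},
    {"EventID": 4624, "TargetUserName": "svc_backup", "IpAddress": "10.0.0.5", "WorkstationName": "WS01", "LogonType": 3},
    {"EventID": 4624, "TargetUserName": "svc_backup", "IpAddress": "10.0.0.9", "WorkstationName": "DC01", "LogonType": 10},
    {"EventID": 4624, "TargetUserName": "svc_backup", "IpAddress": "10.0.0.12", "WorkstationName": "FS01", "LogonType": 3},
    {"EventID": 4625, "TargetUserName": "bob", "IpAddress": "10.0.0.7", "WorkstationName": "WS02", "LogonType": 3},
    {"EventID": 4624, "TargetUserName": "DC01$", "IpAddress": "10.0.0.9", "WorkstationName": "DC01", "LogonType": 3},
    {"EventID": 4672, "TargetUserName": "alice", "IpAddress": "-", "WorkstationName": "-", "LogonType": None},
]

# Logon-related event IDs considered here (assumption for this example).
LOGON_EVENT_IDS = frozenset({4624, 4625, 4768, 4769, 4776})


def host_key(event):
    """Prefer the source IP; fall back to the workstation name when the IP is absent ('-')."""
    ip = event.get("IpAddress")
    if ip not in (None, "", "-"):
        return ip
    return (event.get("WorkstationName") or "?").upper()


def build_logon_graph(events, event_ids=LOGON_EVENT_IDS):
    """Return {(host, account): {"count": n, "logon_types": set, "event_ids": set}}."""
    graph = {}
    for ev in events:
        eid = ev.get("EventID")
        if eid not in event_ids:
            continue
        user = (ev.get("TargetUserName") or "").lower()
        if not user or user.endswith("$"):  # skip machine accounts
            continue
        edge = graph.setdefault((host_key(ev), user),
                                {"count": 0, "logon_types": set(), "event_ids": set()})
        edge["count"] += 1
        edge["logon_types"].add(ev.get("LogonType"))
        edge["event_ids"].add(eid)
    return graph


def hosts_per_account(graph):
    """Map each account to the set of hosts it was seen logging on from."""
    out = defaultdict(set)
    for host, user in graph:
        out[user].add(host)
    return dict(out)


def rank_accounts_by_spread(graph):
    """Accounts ordered by number of distinct hosts (descending): the first ones are the pivots to inspect."""
    spread = hosts_per_account(graph)
    return sorted(spread.items(), key=lambda kv: (-len(kv[1]), kv[0]))


def to_dot(graph):
    """Render the association graph as Graphviz DOT text (undirected host -- account edges)."""
    lines = ["graph logons {"]
    for (host, user), info in sorted(graph.items()):
        types = ",".join(str(t) for t in sorted(t for t in info["logon_types"] if t is not None))
        lines.append('  "%s" -- "%s" [label="%dx type=%s"];' % (host, user, info["count"], types))
    lines.append("}")
    return "\n".join(lines)


if __name__ == "__main__":
    g = build_logon_graph(SAMPLE_EVENTS)
    for user, hosts in rank_accounts_by_spread(g):
        print("%-12s %d host(s): %s" % (user, len(hosts), ", ".join(sorted(hosts))))
    print(to_dot(g))
```

Feeding real data only requires replacing SAMPLE_EVENTS with records read from EVTX (e.g. via python-evtx or a SIEM export); the DOT output can be rendered with `dot -Tpng`. Note that the IP field of 4624 is populated only for network logons, which is why the fallback to WorkstationName matters for interactive (type 2) sessions.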
AppNetworkCounter – List Application Network Usage
AppNetworkCounter is a simple tool for Windows that counts and displays the number of TCP/UDP bytes and packets sent and received by every application on
TurnedOnTimesView – List PC Running Time Ranges
TurnedOnTimesView is a simple tool that analyzes the Windows event log and detects the time ranges during which your computer was turned on.
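The same reconstruction can be done by hand from the System log. The block below is an added example, not TurnedOnTimesView's own logic: it assumes that Event Log service start (ID 6005) marks power-on and service stop (ID 6006) marks a clean shutdown, and that a 6005 with no preceding 6006 means the previous session ended uncleanly, in which case the last event seen before the new boot is used as the approximate end. The log rows are constructed sample data.

```python
"""Reconstruct power-on time ranges from Windows System log events.

Added example, not TurnedOnTimesView's own code. Assumes 6005 = Event Log
started (boot) and 6006 = Event Log stopped (clean shutdown). Sample log
below is constructed; timestamps are (timestamp, EventID, source) tuples.
"""
from datetime import datetime

SAMPLE_LOG = [
    ("2023-05-01 08:02:11", 6005, "EventLog"),
    ("2023-05-01 08:05:00", 7036, "Service Control Manager"),
    ("2023-05-01 17:30:45", 6006, "EventLog"),
    ("2023-05-02 08:10:02", 6005, "EventLog"),
    ("2023-05-02 12:00:00", 7036, "Service Control Manager"),
    ("2023-05-02 13:15:20", 6005, "EventLog"),   # boot with no prior 6006: crash or hard reset
    ("2023-05-02 13:15:21", 6008, "EventLog"),   # "previous shutdown was unexpected"
    ("2023-05-02 18:45:00", 6006, "EventLog"),
    ("2023-05-03 09:00:00", 6005, "EventLog"),   # still running when the log was collected
    ("2023-05-03 09:30:00", 7036, "Service Control Manager"),
]

BOOT_ID, SHUTDOWN_ID = 6005, 6006


def parse_ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M:%S")


def power_on_ranges(log):
    """Return a list of {"start", "end", "clean", "hours"[, "uncertain_until"]} dicts.

    clean is True for a 6006-terminated session, False for a session closed by the
    next boot (end = last event seen, true end unknown up to the next boot), and
    None for a session still open at the end of the log.
    """
    events = sorted(((parse_ts(t), eid, src) for t, eid, src in log), key=lambda e: e[0])
    ranges, current, last_seen = [], None, None
    for ts, eid, _src in events:
        if eid == BOOT_ID:
            if current is not None:
                # Previous session never logged 6006: close it at the last observed event.
                current.update(end=last_seen, clean=False, uncertain_until=ts)
                ranges.append(current)
            current = {"start": ts, "end": None, "clean": None}
        elif eid == SHUTDOWN_ID and current is not None:
            current.update(end=ts, clean=True)
            ranges.append(current)
            current = None
        last_seen = ts
    if current is not None:  # log ends while the machine is still up
        current.update(end=last_seen, clean=None)
        ranges.append(current)
    for r in ranges:
        r["hours"] = round((r["end"] - r["start"]).total_seconds() / 3600, 2)
    return ranges


def was_on_at(ranges, ts):
    """True if ts falls inside a known-on range, None if it falls in the blind spot
    after an unclean session's last event, False otherwise."""
    for r in ranges:
        if r["start"] <= ts <= r["end"]:
            return True
        until = r.get("uncertain_until")
        if until is not None and r["end"] < ts < until:
            return None
    return False


if __name__ == "__main__":
    for r in power_on_ranges(SAMPLE_LOG):
        flag = {True: "clean", False: "UNCLEAN (end approximate)", None: "still on"}[r["clean"]]
        print("%s -> %s  %5.2f h  %s" % (r["start"], r["end"], r["hours"], flag))
```

The three-valued `was_on_at` is the point of the exercise: for an unclean session the log only proves the machine was up until its last recorded event, so a timestamp between that event and the next 6005 cannot be confirmed or excluded from the event log alone. Real logs should additionally be checked for 6008 and Kernel-Power 41 entries, which corroborate the unclean-shutdown classification.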
Xplico – Network Forensic Analysis Tool
The goal of Xplico is to extract the application data contained in an Internet traffic capture. For example, from a pcap file Xplico extracts each email