
100 free security tools for ethical hackers and forensic investigators


<span class="text_page_counter">Page 1</span><div class="page_container" data-page="1">

100 Free Security Tools For ethical hackers and forensic investigators

INSIDE CLOUD

</div><span class="text_page_counter">Page 2</span><div class="page_container" data-page="2">

<b>1. Autopsy - Open source digital forensics platform to analyze hard drives and smart phones </b>

<b>17. Ghiro - Web site screenshots and analysis for forensic investigations </b>

<b>Scalpel - File carver which recovers files based on headers and footers </b>

<b>19. HxD - Hex editor useful for analyzing raw disk and memory dumps </b>

<b>20. TestDisk - Data recovery tool, useful when file systems get corrupted </b>

<b>21. PhotoRec - Recovery tool specifically focused on photos and media files </b>

<b>22. CAINE - Italian GNU/Linux live distribution with many forensics tools </b>

<b>23. Axiom Cyber - Commercial digital forensics and incident response platform </b>

<b>27. Kali Linux - Penetration testing Linux distribution with many useful security tools </b>

<b>28. DEFT - Linux distribution configured specifically for computer forensics </b>

<b>29. Volatility Framework - Advanced memory forensics framework with plugins and APIs </b>

<b>30. PyFlag - Legacy Australian forensic and log analysis GUI platform </b>


</div><span class="text_page_counter">Page 3</span><div class="page_container" data-page="3">

<b>31. Plaso (log2timeline) - Extract timestamps from various logs and aggregate timeline </b>

<b>34. Snort - Open source intrusion detection and network monitoring system </b>

<b>35. Tcpdump - Capture and analyze network traffic on Unix-like systems </b>

<b>36. Ngrep - Search within network traffic payloads like grep for text streams </b>

<b>37. dcfldd - Disk cloning and forensics tool, version of dd with hashing </b>

<b>Wireshark - Network traffic analyzer useful for network forensics </b>

<b>39. SIFT (SANS) - Ubuntu-based distribution for forensic analysis </b>

<b>40. Paladin - USB image mounted as virtual drive with write-protection </b>

<b>41. CAINE Live - Self-contained bootable forensic environment </b>

<b>42. XRY (XAMN) - Commercial mobile forensic software to analyze phones </b>

<b>BlackLight - Powerful Windows-based forensics analysis platform </b>

<b>47. Raptor - Validation tool to verify integrity of forensic copies </b>

<b>EnCase Imager - Disk imaging tool from Guidance Software </b>

<b>49. Guymager - Open source disk cloning and imaging tool for Linux </b>

<b>50. Scalpel - File carver recovering files based on header/footer signatures </b>

<b>51. Extundelete - Used to recover deleted files from mountable images </b>

<b>Xplico - Network forensics tool that rebuilds sessions from traffic </b>

<b>Foremost - File carving utility to recover files using header/footer definitions </b>

<b>54. Hunchback - High speed packet capture and transmission tool </b>

<b>Autopsy Tools - Plugins and tools used alongside Autopsy forensics GUI </b>

<b>60. Live View - Volatile memory analysis tool for Windows systems </b>

<b>LRR - Tool for viewing Windows artifacts including LNK files </b>


</div><span class="text_page_counter">Page 4</span><div class="page_container" data-page="4">

<b>65. Amcache Parser - Recovers data from Windows 10 Amcache.hve artifact file </b>

<b>66. The Hive - Web interface offering querying capabilities for hive files </b>

<b>67. GRR Rapid Response - Incident response framework focused on remote live forensics </b>

<b>71. KAPE - Target acquisition tool focused on enterprise lines of business </b>

<b>USB Write Blocker - Hardware ensuring write protection when imaging USB devices </b>

<b>73. AIL - Network and host monitoring system for identification of intrusions </b>

<b>74. Rifiuti2 - Analyzes Windows Recycle Bin INFO2 files and recovers filenames </b>

<b>75. VolDiff - Compares memory images and highlights differences for analysis </b>

<b>76. WinAudit - Scans Windows systems and reports changes from baseline </b>

<b>hfind - Carves unallocated space and extracts hidden/deleted data into files </b>

<b>78. Yara - Pattern matching tool aimed at malware researchers</b>

<b>79. Checkm8 - Jailbreaking tool extracting data from passcode locked iOS devices </b>

<b>80. Olefile - Python package for parsing OLE and Office documents </b>

<b>Pyew - Python tool for malware analysis static and dynamic </b>

<b>E01 Examiner - Software utility for mounting EnCase evidence file formats </b>

<b>USBDeview - Handy Windows tool listing all USB devices ever connected </b>

<b>89. Speedit - Detection and analysis of spyware, keyloggers, trojans etc </b>

<b>SniffPass - Sniffs passwords and other sensitive information from a network </b>

<b>91. Nmap - Network scanning and host discovery tool helpful for reconnaissance </b>

<b>OSINT Framework - Gathering publicly available online data regarding targets </b>

<b>Recon-ng - Web based open source reconnaissance framework </b>

<b>OSINT-SPY - Performs extensive reconnaissance using 300+ OSINT data sources </b>

<b>95. Shodan - Search engine for Internet connected devices </b>

<b>96. Maltego - Link analysis and data mining for gathering information </b>

<b>SpiderFoot - OSINT automation tool gathering threat intelligence data </b>

<b>Metagoofil - Extract metadata of public documents from a target website </b>


</div><span class="text_page_counter">Page 5</span><div class="page_container" data-page="5">

Here are those same 100 resources, grouped by function.

<b>Digital Forensics Frameworks:</b>

<b>1. Autopsy - Open source digital forensics platform to analyze hard drives and smart phones </b>

<b>42. XRY (XAMN) - Commercial mobile forensic software to analyze phones </b>

<b>BlackLight - Powerful Windows-based forensics analysis platform </b>

<b>49. Guymager - Open source disk cloning and imaging tool for Linux </b>


</div><span class="text_page_counter">Page 6</span><div class="page_container" data-page="6">

<b>60. Live View - Volatile memory analysis tool for Windows systems </b>

<b>Rekall - Advanced forensic memory analysis framework powered by Python </b>

<b>51. Extundelete - Used to recover deleted files from mountable images </b>

<b>Xplico - Network forensics tool that rebuilds sessions from traffic </b>

<b>Foremost - File carving utility to recover files using header/footer definitions </b>

<b>34. Snort - Open source intrusion detection and network monitoring system </b>

<b>35. Tcpdump - Capture and analyze network traffic on Unix-like systems </b>

<b>36. Ngrep - Search within network traffic payloads like grep for text streams </b>

<b>Wireshark - Network traffic analyzer useful for network forensics </b>

<b>54. Hunchback - High speed packet capture and transmission tool </b>

<b>73. AIL - Network and host monitoring system for identification of intrusions </b>

</div><span class="text_page_counter">Page 7</span><div class="page_container" data-page="7">

<b>Windows Artifact Analysis:</b>

<b>15. RegRipper - Tool to parse Windows registry files and dig for useful data </b>

<b>66. The Hive - Web interface offering querying capabilities for hive files </b>

<b>74. Rifiuti2 - Analyzes Windows Recycle Bin INFO2 files and recovers filenames </b>

<b>76. WinAudit - Scans Windows systems and reports changes from baseline </b>

<b>USBDeview - Handy Windows tool listing all USB devices ever connected </b>

<b>19. HxD - Hex editor useful for analyzing raw disk and memory dumps </b>

<b>WinHex - Hex editor, particularly helpful for low-level analyzing raw data </b>

<b>Data Extraction Tools:</b>

<b>8. Cellebrite UFED - Commercial mobile forensic software to extract data from phones and tablets </b>

<b>37. dcfldd - Disk cloning and forensics tool, version of dd with hashing </b>

</div><span class="text_page_counter">Page 8</span><div class="page_container" data-page="8">

<b>Data Extraction Tools (continued):</b>

<b>40. Paladin - USB image mounted as virtual drive with write-protection </b>

<b>79. Checkm8 - Jailbreaking tool extracting data from passcode locked iOS devices </b>

<b>80. Olefile - Python package for parsing OLE and Office documents </b>

<b>Autopsy - iPhone - Autopsy module adds iOS analysis functionality </b>

<b>Data Recovery Tools:</b>

<b>20. TestDisk - Data recovery tool, useful when file systems get corrupted </b>

<b>21. PhotoRec - Recovery tool specifically focused on photos and media files </b>

<b>Specialized Tools:</b>

<b>17. Ghiro - Web site screenshots and analysis for forensic investigations </b>

<b>Pyew - Python tool for malware analysis static and dynamic </b>

<b>E01 Examiner - Software utility for mounting EnCase evidence file formats </b>

<b>X-Ways Imager - Disc imaging tool to create forensic images, integrated into X-Ways Forensics </b>

<b>91. Nmap - Network scanning and host discovery tool helpful for reconnaissance </b>

<b>OSINT Framework - Gathering publicly available online data regarding targets </b>

<b>95. Shodan - Search engine for Internet connected devices </b>

<b>96. Maltego - Link analysis and data mining for gathering information </b>

<b>SpiderFoot - OSINT automation tool gathering threat intelligence data </b>

<b>Metagoofil - Extract metadata of public documents from a target website </b>


</div><span class="text_page_counter">Page 9</span><div class="page_container" data-page="9">

<b>OSINT Tools (continued):</b>

<b>91. Nmap - Network scanning and host discovery tool helpful for reconnaissance </b>

<b>OSINT Framework - Gathering publicly available online data regarding targets </b>

<b>95. Shodan - Search engine for Internet connected devices </b>

<b>96. Maltego - Link analysis and data mining for gathering information </b>

<b>SpiderFoot - OSINT automation tool gathering threat intelligence data </b>

<b>Metagoofil - Extract metadata of public documents from a target website </b>


</div>
