Analysis Notes

A place for notes on trying out malware analysis and on things that seemed useful for analysis. This site uses Google Analytics.

4n6 Week 52 – 2022 - SOFTWARE UPDATES

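This entry was automatically generated and posted to show the opening of each article featured in This Week in 4n6 (FourAndSix=Forensics), so that you can skim them and pick which articles to check. Week 52 – 2022 can be found here. Donations via "Buy me a coffee" are appreciated.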

SOFTWARE UPDATES

AccessData

Release Date: Dec 19, 2022. Forensic Tools 7.6.0 Service Pack 2. Note: This is a service pack and must be run on a machine that has 7.6.0 Forensic Tools already installed. Forensic Tools 7.6.0 - Service Pack 2 Download - MD5: 39d6317b396653f18e9a908126ad0bd4. Documents: FTK 7.6.0 SP2 Release Notes; FTK Central 7.6.0 SP2 Release Notes; Enterprise 7.6.0 SP2 Release Notes; LAB 7.6.0 SP2 Release Notes; FTK Plus 7.6.0 SP2 Release Notes; Forensic Tools 7.6.0 SP2 Install Guide; FTK 7.6.0 SP2 User Guide; FTK Ce...

Arsenal

  • Arsenal Image Mounter Changelog – v3.9.233

Arsenal Image Mounter Changelog v3.9.233. Released: 12-21-2022. Free Mode: CLI: Moving towards "--" rather than "/" notation for switches (for multi-platform compatibility), new "--checksum=" switch which calculates MD5, SHA1, and/or SHA256 checksums over disk image contents. Create new image file: New disk image files are now created with 64kb partition alignment, disk and boot code signatures, and fake (but valid) boot code in MBR and VBR. General: GUI adjustments related to removi...

CCL Solutions

  • What do you get a digital forensics analyst for Christmas?

Alex Caithness unwraps our latest open-source code gift to support the accessing of Chrome/Chromium artefacts using Python. CCL has a proud tradition of innovation around digital forensics. That can be seen in our on-going commitment to supporting the analyst community through contributing open-source code; in our continuous investment in detailed, in-depth research by a dedicated R&D team; and most recently in our specialist work focusing on browser forensics. Alex Caithness, our Principal Analy...

Costas K

  • WinEDB_Browser

kacos2000 released this 24 Dec 20:39. v.0.0.11.0 (0b7ccce). [Update] faster execution by some loop management. MD5: 9F1EB29F7A41787C819AAF15F9F3A483 SHA256: ACEC75809EB63DB12FBB79CD65437E07A6AD22F12E405CEA412AE1146C93E714

Crowdstrike

  • Falconpy Version 1.2.8


Didier Stevens

  • New tool: teeplus.py

This new tool, teeplus.py, is an extension of the tee command. The tool takes (binary) data from stdin, and sends it to stdout, while also writing the data to a file on disk. While the tee command requires a filename as argument, teeplus.py takes no arguments (only options). By default, teeplus.py will write the data to a file on disk, with filename equal to the sha256 of the data and extension .vir. And it will also log this activit...

  • Update: filescanner Version 0.0.0.8


  • Update: InteractiveSieve Version 0.9.2.0


  • Update: nsrl.py Version 0.0.4


  • Update: file-magic.py Version 0.0.5


  • Update: myjson-filter.py Version 0.0.3


  • Update: dnsresolver.py Version 0.0.2


Elcomsoft

  • Elcomsoft Phone Viewer 5.40 updated for iOS 16

Elcomsoft Phone Viewer gains full support for the updated local and cloud backup formats introduced in iOS 16. The tool can now display the content of iTunes and iCloud backups and synchronized data produced by devices running the new OS. In addition, Elcomsoft Phone Viewer 5.40 adds support for file system images obtained from devices running iOS 16. Elcomsoft Phone Viewer is updated with full support for file system images, synchronized data, iTunes and iCloud backups produced by Apple devices...

Eric Zimmerman


JPCERT/CC

  • LogonTracer v1.6 Released

朝長 秀誠 (Shusei Tomonaga), December 21, 2022. JPCERT/CC released the latest version (v1.6) of LogonTracer, a tool to support event log analysis. Previously, LogonTracer could not investigate multiple incidents simultaneously, but this update adds support for managing multiple logs. In addition, Sigma can now be used to investigate the presence of suspicious logs in the event log. This article introduces these updates. For other updated items, please refer ...

k1nd0ne

  • VolWeb – v4.1.0-alpha


MazX0p

  • ThreatHound


Metaspike

  • Forensic Email Collector (FEC) Changelog – 3.85.0.8

24 Dec, 2022: 3.85.0.8 (FEC Release). This is a maintenance release with the following improvements: ✔️ Stability improvements to multi-threaded processing. ✔️ Fixed a minor GUI issue where Drive attachment count was not initially displayed in acquisitions where Drive revisions were not acquired.

radare2

  • 5.8.0

github-actions released this 22 Dec 23:59. 5.8.0 (7c55e4b). Release Notes: Version: 5.8.0; Previous: 5.7.8; Commits: 745; Contributors: 36. Authors: 0x8ff, Alex Bender, Anton Kochkov, Axel Iota, DaKnig, Dennis Goodlett, Dennis Goodlett, Ernest Deák (Tino), Francesco Tamagni, HighW4y2H3ll, Hors, Lars Haukli, Lazula, Matthias, MewtR, Miles Liu, Mohamed Lemine Ould El-Hadj, Murphy, Ole André Vadla Ravnås, Paul B Mahol, Peter Meerwald-Stadl...

theflakes

  • 0.4.2 File Metadata

theflakes released this 25 Dec 04:00. 0.4.2 (7a142a9). Added PE header file info fields: orig filename, internal filename, copyright, description, versions, and total PE section information.

Thiago Canozzo Lahr

tclahr released this 21 Dec 21:46. v2.4.1 (9be662a). Fixed: macOS FSEvents were not being collected from additional volumes located at '/System/Volumes' (files/logs/macos.yaml). macOS Timesync files location was fixed (files/logs/macos_unified_logs.yaml).

Yamato Security

  • Hayabusa v2.0.0 🦅
