Analysis Memo

A place for notes on malware analysis I have tried and on things that seemed useful for analysis.

4n6 Week 1 – 2023 - SOFTWARE UPDATES

This entry was generated and posted automatically: it shows the opening lines of each article introduced in This Week in 4n6 (FourAndSix = Forensics) so that I can zap through them and pick the articles worth checking. The 4n6 roundup itself can be found here.

SOFTWARE UPDATES

Berla

By Berla Staff on December 23, 2022. iVe Software v4.2 Brings Additional Support for Honda Systems. Berla is pleased to announce the release of iVe version 4.2, which introduces support for importing and parsing data from Honda vehicles as well as several feature enhancements and overall improvements. Honda Support: the iVe Software brings additional support for Honda vehicles from model year 2016 through 2020. Once support has been confirmed, you will need to remove the system and conduct a chip-off to...

Breakpoint Forensics

Graykey Password Parser Changelog. 12/31/2022 GKPasswordParser-V1.2.1 Release. Improvements: Added missing support for older SHA1 hashes. Improved logic for handling PC History files with 2 or more hashes in them to incrementally move through the 4-6 digit key-space, to avoid issues when the user may have used a mix of 4-6 digit passcodes. 12/29/2022 GKPasswordParser-V1.2 Release. New Feature: Added functionality to bruteforce the Passcode History file using an integrated version of Hashcat. GUI Selectable H...

Costas K

kacos2000 released this 28 Dec 15:07 · 3 commits to master since this release. v.0.0.12.0 4f26a76. [Update] Some small changes to speed up reading the records. You may still have to wait if loading a huge EDB. MD5: F9A6A0304D15416289F448C624C26697 SHA256: 0A7E601183430B1CBEC20CDCBC92B08FA4FC926A7F67D412EEFD0F2127F304C...

Didier Stevens

Filed under: Announcement, My Software — Didier Stevens @ 0:00. dns-pydivert is a tool that uses WinDivert, a “user-mode packet capture-and-divert package for Windows”, to divert IPv4 DNS packets to and from the machine it is running on. This tool requires admin rights. When started, it listens for IPv4 UDP packets with source and/or destination port equal to 53. When this tool processes its first UDP packet with destination port 53, it considers the source address of this packet as the DNS client’...

Update: zipdump.py Version 0.0.24. Filed under: My Software, Update — Didier Stevens @ 0:00. A small update to option -W of zipdump.py. Next to value vir, you can now also specify values hash and hashvir. hash: write each file with a name equal to the SHA256 of the content of the file. hashvir: write each file with a name equal to the SHA256 of the content of the file plus extension .vir. zipdump_v0_0_24.zip (MD5: 33E7B7602263CB2C23D59C7EDEC8666C SHA256: 1BEF40A9B567DAE84563FEA1B4DE8E0BD7F5926F7FCFF6D708...

Elcomsoft

Elcomsoft iOS Forensic Toolkit 8.10 adds forensically sound checkm8 extraction support for iOS, iPadOS and tvOS 16.2. We are also bumping agent-based extraction support to iOS 15.5, and updating Elcomsoft iOS Forensic Toolkit 7.70 to fix the extraction agent installation issues in the Windows edition. Elcomsoft iOS Forensic Toolkit 8.10 brings low-level file system extraction and keychain decryption support to Apple devices running iOS, iPadOS and tvOS 16.2. The new build enables forensically so...

Griffeye

IntelOwl

v4.1.4. mlodic released this 27 Dec 23:50 · 5 commits to develop since this release. v4.1.4 0c44af6. Please refer to the Changelog.

k1nd0ne

k1nd0ne released this 29 Dec 17:51. v1.0.0-beta 478ca5b. VolWeb 1.0.0-beta. 🧬 Volatility3 2.4.0 integrations: windows.devicetree, windows.sessions, windows.ldrmodules, linux.psaux, linux.mountinfo. 🛠 BugFix: Multiple Analysis launch. Better exception handling inside the Windows and Linux engines. Adding quiet process_callback. jsonschema missing import. Code refactoring and review. 🏇 Performances: windows.handles and linux.procmaps are now compute...

MISP


Open Source DFIR

Open Source DFIR: a security blog for the digital forensics community on how to perform digital forensic incident response with open source tools. Plaso 20221229 released. By Joachim Metz, December 28, 2022. The Plaso team is delighted to announce a new Plaso release, 20221229. This release has a mixture of new features and under-the-hood improvements. Notable changes: the sources.conf configuration file ha...

OpenCTI

Version 5.5.1. SamuelHassine released this 29 Dec 22:08 · 1 commit to master since this release. 5.5.1 a4e9d83. Dear community, OpenCTI 5.5.1 is out 🎉! This version fixes all known bugs of the 5.5 branch and introduces multiple features and user experience enhancements 🤯. First of all, all "kn...

Martin Korman


DFIR-HBG


YARA

Pre-release. plusvic released this 30 Dec 17:23. v4.3.0-rc1 8b8384d. Added a not operator for bytes in hex strings. Example: {01 ~02 03} (#1676). The for statement can iterate over sets of literal strings (e.g. for any s in ("a", "b"): (pe.imphash() == s)) (#1787). The of statement can be used with at (e.g. any of them at 0) (#1790). Added the --print-xor-key (-X in short form) command-line option that prints the XOR key for xored strings (#1745). I...