Analysis Memo

A place for notes on malware analysis I have tried and on things that seemed useful for analysis. This site uses Google Analytics.

4n6 Week 5 – 2023 - SOFTWARE UPDATES

This entry was generated and posted automatically: it shows the opening of each article featured in This Week in 4n6 (FourAndSix = Forensics) so that the articles worth checking can be skimmed quickly. 4n6 itself can be found here.

SOFTWARE UPDATES

Arsenal Consulting


Autopsy

Costas K

kacos2000 released this 24 Jan 18:51 v.0.0.13.0 6dc6b99 [Update] Added option to 'Open As' for examination of the selected file with other tools like a Hex Editor. Added option to copy the selected file's full file path. [Note]: Be very careful when dealing with possible malicious LNK files !! Updated ...

Crowdstrike


Didier Stevens

Filed under: maldoc, Malware, My Software — Didier Stevens @ 9:24 This is a new tool (based on my Python template for binary files) to analyze OneNote files. This version is limited to handling embedded files (for the moment). As I might still make significant changes to the user interface, I’ve put this tool in my GitHub beta repository.

Hex Rays

Magnet Forensics

We’re proud to offer a new free tool to your toolkit for use within Magnet AXIOM, the MAGNET Hash Sets Manager. Maintaining up-to-date hash sets can be a painful process, especially for those operating in offline labs. This tool lets you easily manage a central database of hash sets that you can distribute to your team’s instances of Magnet AXIOM and Magnet AXIOM Cyber, even if they are operating offline. Download a free copy of the MAGNET Hash Sets Manager here. Commonly referred to as the DNA ...

We are happy to announce the latest release of Magnet AXIOM Cyber, version 6.10, which introduces new features and tools to help make your DFIR workflow as efficient as possible. This release also includes new and updated artifacts to keep your evidence sources current with the latest apps and services. You can upgrade to the latest version within AXIOM Cyber or over at the Customer Portal. And if you haven’t tried AXIOM Cyber yet, request a free trial here. New Free Tool for AXIOM Cyber: MAGNET...

Magnet AXIOM 6.10 is now available! In this release, we’re introducing new features to help you find the evidence you need even more quickly and easily, including the ability to easily toggle date filters used in your case and support for Google Semantic Location History data. We’re also excited to introduce a new free tool for AXIOM users, the MAGNET Hash Sets Manager, to help you ensure your lab’s hash sets are up-to-date, even if your lab is offline. You can upgrade to the latest version withi...

Malcat

Mon 23 January 2023 malcat team news Today we are happy to announce the release of version 0.9.0! Slowly but steadily Malcat is improving towards a feature-full binary analysis solution. This is the latest "big" release before Malcat's full 1.0 release and contains some major improvements: Open multiple projects in parallel and easily switch between them Scan binaries for FLIRT signatures (FLIRT version 6+ supported) Analyse OneNote (.one) files Quick bookmarks for easy navigation We'll go into ...

MemProcFS-Analyzer

evild3ad released this 22 Jan 12:16 · 2 commits to main since this release v0.8 2880f67 Added: MUICache Added: Windows Background Activity Moderator (BAM) Added: Check if it's a Domain Controller Added: Check if it's a Microsoft Exchange Server Added: jq - Command-line JSON processor Added: Checking for processes spawned from suspicious folder locations Added: Checking for suspicious processes without any command-line arguments Added: C...

Passmark Software

What's New? V10.0 Build 1007 23rd January 2023 Boot VM Fixed error booting MacOS image on VirtualBox for some systems Added a check to prevent user from adding VM to case if a case is not open Case Management Reports, added option to have a minimum font size when exporting report as PDF Increased font sizes for better readability when exporting as PDF Reports, added ch...

radare2

5.8.2 - codename "Jonesy" github-actions released this 23 Jan 11:23 5.8.2 0b6793f Release Notes Version: 5.8.2 Previous: 5.8.0 Commits: 172 Contributors: 17 Highlights More details Authors 0x8ff Apkunpacker Dennis Goodlett Fraser Price Jules Maselbas MewtR Mohamed Lemine Ould El-Hadj Ole André Vadla Ravnås Richard Patel Sylvain Pelissier Vitaly Bogdanov condret kyufie meme nmeum pancake pancake Changes anal Honor the micromips codealign...

Sandfly Security

Sandfly 4.3.0 - Key Vault Integration, Process, SSH, and Persistence Attack Detection

Sleuthkit

The Sleuth Kit can be used with Autopsy, which can be downloaded here. Refer to the SleuthKitWiki for Packages and Add-ons. Bugs See the Support page for details on reporting bugs. Announcements Announcements of new releases are sent to the sleuthkit-announce and sleuthkit-users e-mail lists and the RSS feed. © 2003-2023 Brian Carrier

USB Detective

Added support for identification of potential device volume formats. When a potential format is identified, the date range of the potential format is recorded in the verbose device details and the user is provided with a notice of the event. Added support for identification of the same VSN across different devices (based on serial/UID). Since an identical VSN across different devices will impact LNK file and jump list correlation, the user is notified when this is detected. Added support for par...

Volexity

OneNoteExtractor This is a quick Python script for extracting files and metadata from .one files. At the time of the creation (2023-01-20) of this script there appear to be no Python scripts that can extract files or metadata from objects Installation To install OneNoteExtractor, we recommend using something like this: cd /path/to/onenoteextractor/ && python -m pip install . Usage as a library ...

Xways

X-Ways Forensics 20.7 Stefan Fleischmann Username: admin Registered: 1-2001 Posted on Sunday, Sep 18, 2022 - 17:22: A preview version of X-Ways Forensics 20.7 is now available. The URL of the download directory for all recent versions can be retrieved by querying one's license status as always. What's new in v20.7 Preview 1? * 5% more definitions of ...