Analysis Notes

A place to jot down notes on malware analysis I have tried and things that seemed useful for analysis. This site uses Google Analytics.

4n6 Week 27 – 2023 - SOFTWARE UPDATES

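This entry was automatically generated and posted to show the opening of each article featured in This Week in 4n6 (FourAndSix=Forensics), so that readers can skim for articles worth checking. Some articles are summarized using Google Bard. 4n6 can be found here.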

SOFTWARE UPDATES

Amped

Emi Polito June 28, 2023 A new update of Amped DVRConv has just been released! Amped DVRConv is a forensic batch converter that will copy-stream or transcode video coming from many different sources (including proprietary CCTV) into a fully compatible and forensically sound format. The program works with an easy and effective drag and drop interface; just bring in as many videos as you like, from as many formats and variants...

ANSSI DFIR-ORC

fabienfl-orc released this 27 Jun 10:06 v10.2.1 4c0db0f Changes: 4c0db0f Merge branch 'main' into release/10.2.x 5d0905f changelog: update to 10.2.1 e179c92 OrcCommand: add log message on missing 'Location' resolution db8da0d OrcLib: LocationSet: cli overrides any previously set parsed location 4fcc729 OrcLib: Configuration: make xml 'Location' optional ad59c0f OrcLib: OrcLimits: fix limit handling when set to UINT_MAX 8ec0204 O...

Canadian Centre for Cyber Security


Cyber Triage

Elcomsoft

Elcomsoft iOS Forensic Toolkit 8.30 and 7.90 expand low-level extraction support, now covering iOS 16.0 through 16.3.1 on latest-generation iPhone and iPad models. For the first time ever, full file system extraction becomes available on the iPhone 14 and 14 Pro range of devices and other iPhone and iPad models built with the A12 and newer chips, effectively covering the iPhone Xr/Xs through iPhone 14/Pro range and many corresponding iPads including those based on Apple M1 and M2 chips. The late...

Eric Conrad

Here are my slides from my SANS Webcast Introducing DeepBlueCLI v3. DeepBlueCLI is available here. Posted by Eric Conrad at 10:16 AM

Eric Kutcher

thumbcacheviewer released this 30 Jun 21:20 · 2 commits to master since this release v1.0.3.8 c0d5305 Win32 executable.

thumbcacheviewer released this 01 Jul 23:01 · 1 commit to master since this release v1.0.2.0 bcaf915 Command-line executable.

ExifTool

ExifTool Version History RSS feed: //exiftool.org/rss.xml Note: The most recent production release is Version 12.60. (Other versions are considered development releases, and are not uploaded to MetaCPAN.) June 28, 2023 - Version 12.64 Added a new Sony LensType (thanks Jos Roost) Added config_files/guano.config to the distribution (thanks StarGeek) Added support for Garmin Low-resolution Video (GLV) files Added JUMBF to the list of deletable groups Added (untested) read support for spherical vide...

Alexandre Borges

alexandreborges released this 27 Jun 02:34 v5.3 7d20083 Malwoverview 5.3

Mark Mckinnon


Metaspike

New updates and improvements to Forensic Email Collector. 1 Jul, 2023: 3.88.0.12 FEC Release. This is a maintenance release with the following improvements: ✔️ Improved support for Gmail / Google Workspace mailboxes with a very large number of labels. ✔️ Error messages for Yahoo/AOL authentication issues are now clearer. ✔️ Fixed an issue that could prevent POP3 acquisitions from starting. ✔️ Nume...

MSAB

New release: XRY 10.6, XAMN 7.6 and XEC 7.6 Industry leading UNISOC BFU support, simplified exclusion of expendable files, and more good news for mobile forensic professionals We are delighted to unveil the most recent release of XRY, XAMN, and XEC. The latest iterations of these powerful MSAB products are a significant leap forward in our mission to assist forensic investigators, digital investigators, and other users in swiftly and effortlessly acquiring and analyzing mobile data. ...

OpenCTI

Filigran-Automation released this 29 Jun 08:33 · 13 commits to master since this release 5.8.7 ed24e43 Enhancements: #3592 Take into account the selected text in the creation of observables Bug Fixes: #3593 Timeseries by day (widget) is displaying too many point on x-axis #3591 Mapping on e...

Paraben Corporation

Written by Alisha Cales  June 30, 2023  There is never a shortage of new innovations at Paraben and the new 3.6 release is no exception. With new support for Meta Quest Oculus, Microsoft Teams business collection from the cloud with tokens, and live collection with the unique remote cloud tool in E3 you have endless options. OSINT functionality has also been improved with new Google location data, and supported with a new OSINT tool OSINT LIAR that can share data from E3 with its analysis plat...

Serviço de Perícias em Informática – IPED

lfcnassif released this 30 Jun 22:42 · 610 commits to master since this release 4.1.3 5c432bc This release contains a few improvements and fixes, please see the ReleaseNotes.txt for the full changes. Some of them are highlighted below: News: #1287: Flag Whatsapp Forwarded messages (@tc-wleite, @gfd2020) #1647: Handle some new and common WhatsApp system messages (@tc-wleite, @lfcnassif) #1610: Read WhatsApp owner account information from...

Timesketch

berggren released this 28 Jun 13:08 20230628 b824136 What's Changed Update changelog by @berggren in #2768 Scenarios model refactor by @berggren in #2672 Ssh bruteforce analyzer by @roshanmaskey in #2769 Add missing dependency for e2e container by @berggren in #2783 🐛 Handle None response fr...