Analysis Notes

A place for notes on malware analysis experiments and on things that seemed likely to be useful for analysis. This site uses Google Analytics.

4n6 Week 29 – 2023 - SOFTWARE UPDATES

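This entry was automatically generated and posted to show the opening lines of each article featured in This Week in 4n6 (FourAndSix=Forensics), so that readers can skim for articles worth checking. Some articles are summarized using Google Bard. 4n6 can be found here.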

SOFTWARE UPDATES

Atola

Published by Sergiy Pasyuta on July 10, 2023. Three… Two… One… Launch! Five years after the release of TaskForce, our hard-working forensic imager, we’re launching its advanced version – Atola TaskForce 2. And we can’t wait to tell you about all the improvements that make TaskForce 2 a next-level imager. The new generation of TaskForce brings more ports, more power and more speed. And all the features you love, too. 26 ports, 25+ parallel sessions, 25 TB/hour: TaskForce 2 is able to simultaneously...

Amped

Emi Polito, July 12, 2023. We are overly proud and thrilled to announce the new release of Amped FIVE, our flagship product and market leader in forensic video processing and analysis! In the last few months, we have worked hard to update the graphic user interface with a modern look in line with that of Microsoft Windows most recent operating system. We aimed to maintain the same interaction and user experience that you have come to enjoy over the years. And if this wasn’t enough by itself, we ha...

Canadian Centre for Cyber Security


GCHQ


Doug Burks at Security Onion

We recently released the third Beta version of Security Onion 2.4: https://blog.securityonion.net/2023/06/security-onion-24-beta-3-release-now.html Today, we are excited to release the fourth Beta (Beta 4) version of Security Onion 2.4! One of the new features in this release is the ability to upload PCAP and EVTX files right in Security Onion Console (SOC)! When you go to the Grid page, you can select a node in your deployment. If the node is a network sensor or import node, then there will be an icon i...

Doug Metz at Baker Street Forensics

DFIR, Malware, PowerShell. Mal-Hash.ps1: The script takes the input of a file, calculates the hashes (MD5, SHA1, SHA256), and then submits the SHA256 hash to Virus Total* for analysis. The script will also run Strings against the sample. The script will check Malware Bazaar to see if a sample matching the hash is available. The hashes, strings, Virus Total and Malware Bazaar results are both displayed on screen and saved to a text report. Timestamp of the analysis is recorded in UTC. VTHashSub.ps1...

Elcomsoft

Elcomsoft System Recovery, a bootable forensic analysis tool for Windows, receives an update that introduces several new features designed to enhance efficiency and simplicity during in-field investigations. The updated tool enables the collection, extraction, and analysis of essential artifacts available on the computers being investigated. The primary focus of this update is to streamline the process of analyzing digital evidence during in-field investigation by expanding the collection of boo...

Eric Kutcher

thumbcacheviewer released this 14 Jul 21:00. v1.0.2.1 (a9b0aa4). Command-line executable.

thumbcacheviewer released this 14 Jul 21:00. v1.0.3.9 (a9b0aa4). Win32 executable.

Magnet Forensics

We are happy to announce the release of Magnet AXIOM Cyber 7.3. This release adds a new option to connect to VeraKey, making it even easier for you to quickly collect and process mobile data for your eDiscovery and internal investigations. We have also added a new exporting capability for AXIOM Cyber that builds on the privileged material feature, and added to the SHA256 support introduced in AXIOM Cyber 7.2. As with all releases of AXIOM Cyber, we have also updated and added to the artifact sup...

We’re excited to announce the release of Magnet AXIOM 7.3! This latest version introduces a number of new features to help make your digital evidence analysis and reporting faster and easier, along with several new and updated artifacts. You can upgrade to the latest version within AXIOM or over at the Customer Portal. If you haven’t tried AXIOM yet, request a free trial here. Quickly Preview Video Files: With the volumes of video data involved in the typical investigation rapidly growing, examin...

MALCAT

Wed 12 July 2023, malcat team, news. Today we are happy to announce the release of version 0.9.2. This release focuses on the global workflow and includes many quality-of-life improvements. And thanks to your feedback, a couple of rather cool features have been added:

* New data transform workflow, now including chained transforms!
* Better source code viewer
* CHM file format support (with in-app unpacking)
* .NET static arrays parsing
* You can now shift, insert and delete bytes in file
* Several user interf...

Manabu Niseki


MISP


OpenCTI

Version 5.9.2. Filigran-Automation released this 13 Jul 12:29 · 1 commit to master since this release · 5.9.2 · bc9e070. This commit was signed with the committer’s verified signature (richard-julien, Julien Richard, GPG key ID: 5A3D156BFCC8BAA7). Bug Fixes: #3760 Radar loading is breaking display; #3759 Graph view is broken in containers. Pull Requests: [frontend] Add missing import by @RomuDeuxfois in #3756; Update depen...

Passware

July 11, 2023, Product Update: Passware Kit 2023 v3 enables users to unlock encrypted Apple Notes. It detects Apple Notes SQLite databases and recovers passwords with GPU acceleration. It also adds support for the latest version of KeePass, including databases protected with key files, and it instantly unlocks AxCrypt files using the password recovered for AxCrypt private key. Passware Kit Mobile 2023 v4 Now Available (June 22, 2023, Product Update): PKM 2023 v4 is the first and only ...

WithSecure Labs


Xways

X-Ways Forensics 20.8. Stefan Fleischmann, posted on Tuesday, Feb 7, 2023 - 17:54: A preview version of X-Ways Forensics 20.8 is now available. The URL of the download directory for all recent versions can be retrieved by querying one's license status as always. What's new in v20.8 Preview 1? * Improved some aspects o...

X-Ways Forensics 20.9. Stefan Fleischmann, posted on Tuesday, May 2, 2023 - 20:45: A preview version of X-Ways Forensics 20.9 is now available. The URL of the download directory for all recent versions can be retrieved by querying one's license status as always. What's new in v20.9 Preview 1? * What's better than 5 ha...