Digital forensics is a specialist art. It allows investigations to be undertaken without modifying the media.
Read more
Category: Security
Jomon – network forensics and passive sniffer
Jomon is a network forensics and passive sniffer tool. It monitors all incoming/outgoing network traffic, without the use of libpcap
Read more
reaction – daemon that scans program outputs for repeated patterns, and takes action
reaction is a daemon that scans program outputs for repeated patterns, and takes action.
Read more
Linux Hardening in Hostile Networks: Server Security from TLS to Tor
This guide explores the approach needed to protect Linux servers including the implementation of Transport Layer Security protocols and Tor.
Read more
Optimizing Cybersecurity: Exploring the Synergy Between Linux Operating Systems and Emerging Security
We explore the synergy between Linux operating systems and the latest developments in cybersecurity.
Read more
Netfilter – packet filtering framework
Netfilter is a framework offering a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack.
Read more
Zeek – network security monitor
Zeek is a powerful framework for network traffic analysis and security monitoring.
Read more
Argus – auditing network software
Audit Record Generation and Usage System (Argus) is a Real Time Flow Monitor that is designed to perform comprehensive IP network traffic auditing.
Read more
ntop – network traffic probe
ntop is a network traffic probe that shows the network usage, similar to what the popular top Unix command does.
Read more
SEC – tool for advanced event processing
Simple Event Correlator (SEC) is an open source and platform independent event correlation tool. SEC is a simple event correlation tool.
Read more
Scapy – packet manipulation program
Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols.
Read more
Knocker – TCP security port scanner
Knocker is a simple, and easy to use TCP security port scanner written in C. It’s able to analyze hosts and the network services which are running on them.
Read more
tcpreplay – Pcap editing and replaying utilities
tcpreplay is a set of tools written which gives you the ability to use previously captured traffic in libpcap format to test a variety of network devices.
Read more
Darik’s Boot and Nuke – hard drive eraser and data clearing utility
Darik’s Boot and Nuke (“DBAN”) is a self-contained boot disk that securely wipes the hard disks of most computers.
Read more
Nikto – web server scanner
Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items.
Read more