You can try out Santoku Linux for mobile device forensics. Forensics procedures may be slightly different for mobile devices when compared to computers.
Facts have proven time and again, that Microsoft Windows is inherently insecure, whatever may be told to the world about it's security having improved over the years. In fact, those who get infected on account of these defects should take the battle to Microsoft and demand compensation. Though there are other technical controls within their … Continue reading Microsoft Windows and malware (duqu)
You can use testdisk and Photorec from http://www.cgsecurity.org/testdisk-6.13-WIP.linux24.tar.bz2 to recover missing files from your SD Cards. There are other tools at http://www.cgsecurity.org too. You can also install it from your distribution's repository. It is a part of some digital forensics tools. In Ubuntu 14.04 open up the Software Manager and look for photorec. When retrieving … Continue reading Recover data and deleted files using testdisk and PhotoRec
# sudo apt-get install ddrescue Connect the disk whose data is to be recovered to the computer. # sudo dd_rescue /dev/sdb diskimage.img # mount -t ext3 -o loop diskimage.img /mnt/tmp /dev/sdb will vary depending on the devices connected on the computer.
Try Backtrack 4 and Knoppix-STD. Both are good to perform forensic analysis of computer systems. You can get lots of information from CMU-SEI which is the First Responders Forensics Guide, and you can also get literature from the internet. WinHex is a program that does forensic analysis in Windows. The web page by Gary Kessler … Continue reading Forensics Distribution / Resources in Linux
Visit URL http://www.cert.org/forensics/tools/ to download the rpm for th eCERT-Forensics repository. Install it and then give command: # yum install CERT-Forensic-Tools This will install all the Linux forensics tools onto your Fedora system.
http://www.linuxforensics.com/forensics/knoppixmanual.pdf Live CD knoppix Penguin Sleuth Helix from http://www.e-fense.com/helix At knoppix prompt, type knoppix 2 noswap # mount -ro /dev/hda1 /mnt/hda1 # mount -rw /dev/uba1 images 'mount new drive # md5sum /dev/hda1 > /images/dataorig.txt # dd if=/dev/hda1 of=/images/dataorig.img # md5sum /images/dataorig.img > /images/copy.txt Compare the md5 sums. If same, then you have an identical copy. … Continue reading Forensic Tools
NIST 800-86, 800-34, 800-30, 800-55 and nvd-nist.gov Autoscan software licence tools http://autoscan.free.fr BSA site also has tools. http://www.usdoj.gov/criminal/cybercrime/fedcode.htm http://www.gosci.com – Threats Interrogation Books Principles of kinesic interview and interrogation techniques by Stan Walters CRC Press. Influence – Science and practice by Rober Cialdini Essentials of the Reid technique Criminal interrogation and confessions by Joseph Buckley.
Linux Security Audit and Control Features Antihacker Toolkit 3rd edition Practical Unix and Internet Security 3rd edition Fraud Auditing and Forensic Accounting 3rd Edition Implementing Database Security and Auditing Grey Hat Hacking Ethical Hackers Handbook.
The Coroners Tool kit