Microsoft Windows and malware (duqu)

Facts have proven time and again that Microsoft Windows is inherently insecure, whatever may be told to the world about its security having improved over the years. In fact, those who get infected on account of these defects should take the battle to Microsoft and demand compensation. Though there are other technical controls within their … Continue reading Microsoft Windows and malware (duqu)

Recover data and deleted files using testdisk and PhotoRec

You can use testdisk and PhotoRec from http://www.cgsecurity.org/testdisk-6.13-WIP.linux24.tar.bz2 to recover missing files from your SD cards. There are other tools at http://www.cgsecurity.org too. You can also install it from your distribution's repository. It is included in some digital forensics toolkits. In Ubuntu 14.04, open up the Software Manager and look for photorec. When retrieving … Continue reading Recover data and deleted files using testdisk and PhotoRec

Forensics Distribution / Resources in Linux

Try Backtrack 4 and Knoppix-STD. Both are good for performing forensic analysis of computer systems. You can get a lot of information from the CMU-SEI First Responders Forensics Guide, and you can also find literature on the internet. WinHex is a program that does forensic analysis in Windows. The web page by Gary Kessler … Continue reading Forensics Distribution / Resources in Linux

Forensic Tools

http://www.linuxforensics.com/forensics/knoppixmanual.pdf

Live CDs: Knoppix, Penguin Sleuth, Helix (from http://www.e-fense.com/helix)

At the Knoppix boot prompt, type:

knoppix 2 noswap

Mount the source partition read-only, then mount the new drive that will hold the images:

# mount -o ro /dev/hda1 /mnt/hda1
# mount -o rw /dev/uba1 /images

Hash the original partition, copy it, and hash the copy:

# md5sum /dev/hda1 > /images/dataorig.txt
# dd if=/dev/hda1 of=/images/dataorig.img
# md5sum /images/dataorig.img > /images/copy.txt

Compare the two MD5 sums. If they are the same, you have an identical copy. … Continue reading Forensic Tools

Criminal interrogation techniques / forensic books

NIST 800-86, 800-34, 800-30, 800-55 and nvd-nist.gov

Autoscan software licence tools: http://autoscan.free.fr
The BSA site also has tools.
http://www.usdoj.gov/criminal/cybercrime/fedcode.htm
http://www.gosci.com – Threats

Interrogation Books

Principles of kinesic interview and interrogation techniques, by Stan Walters, CRC Press.
Influence – Science and practice, by Robert Cialdini.
Essentials of the Reid technique: Criminal interrogation and confessions, by Joseph Buckley.