Back in July I gave a talk at OMFW about extracting timeline data from a memory sample using the Volatility framework. Now has come the time to release the plugins that came along with that talk. In addition to the plugins I have included a whitepaper on how these plugins were created and used. It is released more in hopes that people will see how to use the framework and be able to write their ow
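"Trinity Rescue Kit" lets you create a boot CD that can reset a Windows password that has been lost for whatever reason, but the CD cannot be created if you have no CD drive. So I have put together the steps for creating a bootable USB stick from within Windows as simply as possible and resetting a Windows password. ◆Step 1: Download the "Trinity Rescue Kit" ISO image. First, go to the official site below. Trinity Rescue Kit: Download - Trinityhome https://trinityhome.org/trinity_rescue_kit_download/ Once there, click any one of the three links to download the ISO image. It is about 150 MB. This "Trin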
Unix (general) Rosetta Stone for Unix Windows Debugging Tools for Windows 6.12.2.633 Forcing a System Crash from the Keyboard WinDbg Quick Download Links, Symbols, etc. SystemDump Application Verifier IDA (freeware) StressPrinters Dependency Walker Kernel Memory Space Analyzer MS Debug Diagnostic Tool InstantDump (JIT Process Dumper) UDmp2Txt (processing hundreds of user dumps) TestDefaultDebugger
News January 13, 2012 : sqlsus 0.7.2 is out, bug fix release. Starting with version 0.7, sqlsus now supports time-based blind injection and automatically detects web server / suhosin / etc. length restrictions. Quite a lot of improvements for this release again, see CHANGELOG for more information. Bug reports, feature requests, and greetings are as always more than welcome, drop me an email ! Int
RawCap is a free command line network sniffer for Windows that uses raw sockets. Quick RawCap facts: Can sniff any interface that has got an IPv4 address, including 127.0.0.1 (localhost/loopback). RawCap.exe is just 48 kB. No external libraries or DLLs needed other than .NET Fram
Immunity Debugger Plugin Fixer Tool v1.01 This is a small tool to convert old Immunity Debugger plugins to be compatible with the Immunity Debugger v1.8x changes. The tool also works with OllyDbg plugins, and comes with full source. Simply drop old plugin(s) onto the FixPlugins.EXE and a new file will be generated which will have Imports and Exports fixed to be compatible. Technical details: The
Hash Suite by Alain Espinosa Windows XP to 10 (32- and 64-bit), shareware, free or $39.95+ Hash Suite is a very efficient auditing tool for Windows password hashes (LM, NTLM, and Domain Cached Credentials also known as DCC and DCC2). It is very fast, yet it has modest memory requirements even when attacking a million hashes at once. The GUI is simple, yet uses modern features offered by Windows
Overview OSFMount allows you to mount local disk image files (bit-for-bit copies of an entire disk or disk partition) in Windows as a physical disk or a logical drive letter. You can then analyze the disk image file with PassMark OSForensics™ by using the physical disk name (eg. \\.\PhysicalDrive1) or logical drive letter (eg. Z:). By default, the image files are mounted as read only so that the o
About extundelete extundelete is a utility that can recover deleted files from an ext3 or ext4 partition. The ext3 and ext4 file systems are the most common default file systems in Linux distributions like Mint, Mageia, or Ubuntu. extundelete uses information stored in the partition's journal to attempt to recover a file that has been deleted from the partition. There is no guarantee that any part
Easy and free fix for damaged zip files. Repair zip files for free! The zip file format is the most popular form of data storage. It is widely used for backup and transfer of information over the internet. As any format with a well-defined structure, it is highly sensitive to corruptions. In case of even a minor corruption of the file structure, standard zip tools will not be able to extract its cont