This Autopsy plugin by Rebecca Anderson won Autopsy Plugin Contest this year at Open Source Digital Forensics Conference (OSDFCon). It searches Virus Total for SHA1 hashes of executables from amcache. You can get the plugin here.
-
volatility-wnf: Browse and dump Windows Notification Facilities
This Volatility plugin is based on work of Alex Ionescu and Gabrielle Viala. https://blog.… -
Learning Android Forensics, 2nd Edition has been released
The 2nd edition of Learning Android Forensics by Oleg Skulkin, Donnie Tindal and Rohit Tam… -
yara_tools: Create YARA Rules In Python
Michael Matonis has written a library that helps security researchers create simple or com…
Load More Related Articles
-
volatility-wnf: Browse and dump Windows Notification Facilities
This Volatility plugin is based on work of Alex Ionescu and Gabrielle Viala. https://blog.… -
yara_tools: Create YARA Rules In Python
Michael Matonis has written a library that helps security researchers create simple or com… -
iOS Mobile Installation Logs Parser
Alexis Brignoni has written a script for parsing all the logs in the /private/var/installd…
Load More In Software
