Live View is a Java-based graphical forensics tool that creates a VMware virtual machine out of a raw (dd-style) disk image or physical disk.

The test looked at several classes of forensic tools, including traditional computer forensics tools; network forensics analyzers; specialized tools for such things as live forensic capture, PDA forensics, etc.; and tools for performing forensic captures over networks, largely in an incident response environment.

Today I came across a new tool to investigate the index.dat files : Index.dat Analyzer 2.0 This remembers me of another good tool for Web Forensics : MANDIANT Web Historian which I’ve used in the past to track down security policy violations. It’s good to know that both tools are free.

BackTrack is the most Top rated linux live distribution focused on penetration testing. The long-awaited (~5 months) tool has reached it’s Version 2.0 final stage. There are a lot of changes since the last Version as mentioned on the Changelog.

SIPcrack is a SIP login sniffer/cracker that contains 2 programs: sipdump to capture the digest authentication and sipcrack to bruteforce the hash using a wordlist or standard input.

I stumbled upon yet another blind SQl injection tool called sqlmap written by Bernardo Damele and Daniele Bellucci. I didn’t have time to test it, but the tool’s description is quite ambitious

Tenable puts a cool Antivirus deployment Audit checks into it’s ground breaking Nessus tool. Compliance is the universal security obsession and I think Nessus will move more and more into this area. Quote:

amazing that this nifty tool supports Server-side JS, GET, POST, uploads, Cookies, SQLite and AJAX.

Ever wondered how could you find all the sub-domain hosts starting your search just from the domain name ?

Java Source Code Audit tools