Last Updated: 2008-09-23 04:20:14 UTC
by Jim Clausing (Version: 2)
If you've paid any attention to my past diaries, you know that I like to collect tools that are useful for packet analysis, malware analysis, memory analysis, log analysis, etc. Here are a few of the new/interesting/different/updated tools or resources that I've looked at or heard about over the last several months since I last posted on the topic.
- PyFlag - Dr. Michael Cohen's Python forensic and log analysis system (he even recently got it, at least partially, running under Windows). Be sure to also take a look at the Volatility-PyFlag DFRWS Forensic Challenge submission.
- http://packetlife.net/ (an interesting blog) and especially http://packetlife.net/cheatsheets/
- psad - an interesting tool for attack detection using iptables logs
- Harlan Carvey had a post on his blog last month about analyzing browser artifacts that I thought was very good and pointed to some other tools.
- Cert.org had a nice blog post about ping sweeps in IPv6
- webFileScanner.pl - a pen test tool from 0x0e
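To give a feel for the kind of analysis the psad entry above refers to (attack detection from iptables logs), here is a small added example in Python. It is not psad's code or algorithm and is not part of the original diary: it parses the fields the iptables LOG target writes (SRC, DST, PROTO, DPT), groups dropped packets by source address, and raises an alert when one source touches at least `port_threshold` distinct destination ports within `window_seconds`. The log lines, the 2008 year used to complete the syslog timestamp, and the thresholds are all constructed assumptions.

```python
"""Toy port-scan detector over iptables LOG lines (added illustration, not psad)."""
import re
from collections import defaultdict
from datetime import datetime

# Fields emitted by the iptables LOG target that we care about; the rest is ignored.
# Syslog timestamps carry no year, so a year is supplied by the caller (assumption).
LOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ kernel: .*?"
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) .*?PROTO=(?P<proto>\w+)"
    r"(?: SPT=(?P<spt>\d+) DPT=(?P<dpt>\d+))?"
)

# Constructed sample: one source probes five ports in a few seconds, then one
# more port later; a second source makes a single connection attempt; an ICMP
# echo request has no DPT; the sshd line is not an iptables entry at all.
SAMPLE_LOG = """\
Sep 22 04:20:01 fw kernel: [DROP] IN=eth0 OUT= SRC=192.0.2.10 DST=203.0.113.5 LEN=60 TTL=54 ID=0 DF PROTO=TCP SPT=40001 DPT=22 SYN URGP=0
Sep 22 04:20:02 fw kernel: [DROP] IN=eth0 OUT= SRC=192.0.2.10 DST=203.0.113.5 LEN=60 TTL=54 ID=0 DF PROTO=TCP SPT=40002 DPT=23 SYN URGP=0
Sep 22 04:20:03 fw sshd[123]: Accepted publickey for admin from 203.0.113.9 port 51234 ssh2
Sep 22 04:20:03 fw kernel: [DROP] IN=eth0 OUT= SRC=192.0.2.10 DST=203.0.113.5 LEN=60 TTL=54 ID=0 DF PROTO=TCP SPT=40003 DPT=25 SYN URGP=0
Sep 22 04:20:04 fw kernel: [DROP] IN=eth0 OUT= SRC=192.0.2.10 DST=203.0.113.5 LEN=60 TTL=54 ID=0 DF PROTO=TCP SPT=40004 DPT=80 SYN URGP=0
Sep 22 04:20:05 fw kernel: [DROP] IN=eth0 OUT= SRC=192.0.2.10 DST=203.0.113.5 LEN=60 TTL=54 ID=0 DF PROTO=TCP SPT=40005 DPT=443 SYN URGP=0
Sep 22 04:21:00 fw kernel: [DROP] IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.5 LEN=60 TTL=61 ID=0 DF PROTO=TCP SPT=51000 DPT=80 SYN URGP=0
Sep 22 04:21:30 fw kernel: [DROP] IN=eth0 OUT= SRC=198.51.100.9 DST=203.0.113.5 LEN=84 TTL=61 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
Sep 22 04:25:00 fw kernel: [DROP] IN=eth0 OUT= SRC=192.0.2.10 DST=203.0.113.5 LEN=60 TTL=54 ID=0 DF PROTO=TCP SPT=40006 DPT=8080 SYN URGP=0
"""


def parse_line(line, year=2008):
    """Return the interesting fields of an iptables LOG line, or None for any other line."""
    m = LOG_RE.search(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m.group('ts')}", "%Y %b %d %H:%M:%S")
    return {
        "ts": ts,
        "src": m.group("src"),
        "dst": m.group("dst"),
        "proto": m.group("proto"),
        # ICMP and other port-less protocols have no DPT field.
        "dpt": int(m.group("dpt")) if m.group("dpt") else None,
    }


def detect_scans(lines, port_threshold=5, window_seconds=60):
    """Map each source that hit >= port_threshold distinct ports inside one
    window_seconds span to the sorted list of every port it touched."""
    events = [e for e in (parse_line(l) for l in lines) if e and e["dpt"] is not None]
    by_src = defaultdict(list)
    for e in events:
        by_src[e["src"]].append(e)

    alerts = {}
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e["ts"])
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until it fits inside window_seconds.
            while (evs[end]["ts"] - evs[start]["ts"]).total_seconds() > window_seconds:
                start += 1
            ports_in_window = {e["dpt"] for e in evs[start:end + 1]}
            if len(ports_in_window) >= port_threshold:
                alerts[src] = sorted({e["dpt"] for e in evs})
                break
    return alerts


if __name__ == "__main__":
    for src, ports in detect_scans(SAMPLE_LOG.splitlines()).items():
        print(f"possible scan from {src}: ports {ports}")
```

psad adds a great deal on top of this (signature matching, danger levels, whois lookups, automatic blocking), but the core input is the same: the LOG target's key=value fields, which is why a LOG rule placed before your DROP rules is what makes this kind of detection possible at all.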