Show Host: Mike Rodrick
Show Instructor: Sean Philip Oriyano
- Author/Consultant/Instructor
oriyano.com
Books
Forensic Tool Suites
• Open Source
- The Sleuth Kit / Autopsy
Forensic Incident Response Environment (F.I.R.E.)
Helix3 (also has paid version)
• Commercial Tools (most have free or trial versions)
Other Very Useful Suites
- Windows Sysinternals
Hiren’s BootCD 15.2 - lots of utilities
Burp Suite - also comes with KALI linux
Forensic Operating Systems, VM's, Live CD's/DVD's & USB's
Forensic Tools
- metasploit - also comes with KALI
GetData - data recovery
Hashcat - advanced password recovery
DriveSpy
metagoofil - KALI tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,docx,pptx,xlsx)
PE.Explorer
AUTODESK
Zamzar - free online file converter
McAfee Free Tools
CRU WiebeTech - forensic products
sourceforge - security utilities
Top 20 Free Digital Forensic Investigation Tools for SysAdmins
Windows System Control Center (WSCC)
Netcat (GNU)
Wireshark
Lizard LABS
Log Parser 2.2 - from Microsoft
WI‑SPY + CHANALYZER
nmap
NirSoft - lots of freeware utilities
regviewer
L0phtCrack - password audit & recovery
IDA - multi-processor disassembler and debugger
gimp - (GNU)
IrfanView - freeware graphic viewer for Windows
OllyDbg
Wikto
Android App Ops Starter
Black Hole Faraday Bag
Mobile Forensics
- Software
Hardware
Investigative reports
- http://resources.infosecinstitute.com/computer-forensics-investigation-case-study
http://digital-forensics.sans.org/blog/2010/08/25/intro-report-writing-digital-forensics
https://digital-forensics.sans.org/community/cheat-sheets
http://www.forensicfocus.com/computer-forensics-reports
https://www.ncjrs.gov/pdffiles1/nij/199408.pdf
Other Forensic Links
- High Technology Crime Investigation Assoc
InfraGard
Digital Intelligence
SANS
SANS Institute InfoSec Reading Room
Logicube
Appliance for Digital Investigation and Analysis (ADIA)
The International Society of Forensic Computer Examiners (ISFCE)
(CCE) Certified Computer Examiner suggested study from ISFCE
(CFTT) Computer Forensics Tool Testing Methodology Overview
(CFReDS) Computer Forensic Reference Data Sets - The CFReDS Project
ARC Group of New York - techpathways
Symantec
Wall of Sheep shop
Some Programming Languages
ITPro.tv Courses that complement DFI
- PowerShell Course for Administrators
Wireshark
Network+
Security+
(CEH) Certified Ethical Hacker
(SSCP) Systems Security Certified Practitioner
(CISSP) Certified Information Systems Security Professional
Day 3 WEDNESDAY links:
Paterva
NEXPOSE - Vulnerability management
Notepad++
virtualbox
DEEP LOG ANALYZER
Hyper-v: virtual machines on Windows 8.1
Darik's Boot And Nuke(dban) - Data Wiping Software
WhiteCanyon Software
Day 4 THURSDAY links:
- NSA Media Destruction Guidance
Disklabs
Cold Boot Attacks on Encryption - Princeton.edu paper
wotsit.org
Other Useful Links
- Backup & Restore MBR in Windows
The Basic: What is e-Discovery
In-Place eDiscovery & Hold in Exchange 2013
Steganography
Hard Drive Recovery Videos
Michala's Certified Ethical Hacker(CEH) forum link:
A must view forum
Forensic Certifications
• (CCE) Certified Computer Examiner
• (CCCI) Certified Computer Crime Investigator
• (CFCE) Computer Forensics Computer Examiner
• (CIFI) Certified Information Forensics Investigator
• (PCI) Professional Certified Investigator
• (CCFE) Certified Computer Forensics Expert
• (CDRP) Certified Data Recovery Professional
• (CISSP) Certified Information Systems Security Professional
More Certifications & information
• (ISC2)
• (IACRB) Information Assurance Certification Review Board
• Computer Forensics
Books
• Forensic Discovery by Dan Farmer and Wietse Venema
• Internet Forensics by Robert Jones
• File System Forensic Analysis by Brian Carrier
• Windows Forensic Analysis DVD Toolkit, Second Edition by Harlan Carvey
Internet Sites
http://www.forensicfocus.com
http://www.digital-evidence.org/
http://www.fbi.gov/cyberinvest/cyberhome.htm
http://krebsonsecurity.com/2010/03/researchers-map-multi-network-cybercrime-infrastructure/
http://www.ccmostwanted.com/
http://www.symantec.com/norton/cybercrime/index.jsp
http://www.antiphishing.org/
http://dataprotection.ie
http://www.tjmcintyre.com
http://en.wikipedia.org/wiki/Computer_crime
Journals
- Journal of Digital Forensics, Security and Law
- International Journal of Digital Crime and Forensics
- Journal of Digital Investigation
- International Journal of Digital Evidence
- International Journal of Forensic Computer Science
- Journal of Digital Forensic Practice
- Cryptologia
- Small Scale Digital Device Forensic Journal
Misc links
Articles From News
- Irish Pupils' records at risk
Phishing Email Destroys Hard Drives to avoid detection
NETFLIX Introducing FIDO: Automated Security Incident Response
Celebrate Screen-Free Week May 4th-10th
Super secretive malware wipes hard drive to prevent analysis
Phoebe Prince Suicide from Cyber Bullying
Garda (Irish Cops) is accused of stalking ex-boyfriend
Episode 1 - Modern Computer Forensic
• Categories of Attacks
- Person on Person
Person on Computer
Computer on Computer
• Types of Cyber Crime
- Corporate crime
Criminal crime
Episode 11 - Wireless
- http://www.riverbed.com/products/performance-management-control/network-performance-management/wireless-packet-capture.html#Overview
http://www.tenable.com/products/nessus-vulnerability-scanner
http://www.metageek.com/products/eye-pa/
Episode 12 - Investigating Email Crime
- Spam Senders Convicted In First Felony Case
CAN-SPAM Act: A Compliance Guide for Business
Department of Defense Releases New Cyber Strategy
File Carving
Foremost
Scalpel
TestDisk and PhotoRec, CmosPwd, Lilo Password, Chntpw for DOS
PC Inspector
quickdatarecoverypro
Stellar Phoenix: File Recovery Software
Data Recovery Wizard Professional
Partition Recovery