computer-forensics

Free (and/or open source) security software

I know about my options for antivirus, antispyware, and firewall, but are there any higher end security tools for any operating systems (although I'm running Windows and Cygwin, so those options would be especially appreciated) to do things like password recovery, computer forensics, and that sort of thing? I'm currently running the Micr...

What are good books about security, hacking, and computer forensics?

I know this is a broad area, but... I'm looking at Writing Secure Code, Second Edition, but I was wondering what other good books were out there on the subjects of security, hacking, and computer forensics. A quick search turns up plenty, but I'm not sure where to begin. For the record, I am a software engineering undergraduate student...

How Can I Find Out *HOW* My Site Was Hacked? How Do I Find Site Vulnerabilities?

One of my custom developed ASP.NET sites was hacked today: "Hacked By Swan (Please Stop Wars !.. )" It is using ASP.NET and SQL Server 2005 and IIS 6.0 and Windows 2003 server. I am not using Ajax and I think I am using stored procedures everywhere I am connecting to the database so I dont think it is SQL injection. I have now removed t...

How to analyse a HTTP dump?

I have a file that apparently contains some sort of dump of a keep-alive HTTP conversation, i.e. multiple GET requests and responses including headers, containing an HTML page and some images. However, there is some binary junk in between - maybe it's a dump on the TCP or even IP level (I'm not sure how to determine what it is). Basical...

Find Programming Language Used

Whats the easiest way to find out what programming language an application was written in? I would like to know if its vb or c++ or delphi or .net etc from the program exe file. ...

steganography and forensic computing sources?

I'm interested on the field, for now just hobby-like interest. So, I was wondering if you guys knew about good sources on such field. I will google some and probably post it also as an answer, on the meanwhile, you might add neat sources that you're aware of. EDIT: I found this here at SO: [1] http://stackoverflow.com/questions/27827/wh...

Old data stored in database file

How can I ensure that all data that I've erase from the db tables, is no longer stored in the mdb files (and others) on the hard disk? Here's my situation: My client used to store non-encrypted credit card data, in their database (SQL Server). Thanks to PCI requirements, they now encrypt all that data... However, the mdb file still has ...

Java as a digital forensics environment

Hi folks, Just wondering if anyone out there has any experiance working with java (as appose to c/c++) in a digital forensics environment and if so could they advise me as to problems or advantages they may have encountered? Cheers ...

Morris Internet Worm - anyone knows how did they manage to stop it?

Hi there, yes, this is a homework-type question but could you please help me out? In a very short presentation on the topic of Morris Internet Worm I am supposed to list the steps taken to stop the worm from spreading. My pp slides are now approaching the final state, but before I go and say that this or that is how they stopped the wo...

Any Open Source NTFS, FAT32, HFS or EXT implementations in Java?

I do work in computer forensics and am trying to move my codebase from C++ to Java. I need a good open source implementation of all the various filesystems in Java to help this effort. Does anyone know of such an implementation? ...

Text editor capable of viewing invisibles?

A recent problem* left me wondering whether there is a text editor out there that lets you see every single character of the file, even if they are invisible? Specifically, I'm not looking for hex editing capabilities, I am interested in a text editor that'll show me all of the invisible characters (not just the common whitespace / line ...

Can I embed an exe in a pdf, doc, ppt or any other file format?

Is there any way that I can embed a .exe file in a .pdf, .doc, .xls, .ppt file, and on opening the containing file, the document processor will run the .exe automatically? ...