Michele M Jordan
NTI's forensic software tools are used in security reviews, internal audits and computer related investigations. Some of the tools are also used to identify and eliminate sensitive data leakage in classified government agencies. They are sold separately a ...
The tools included in the PsTools suite, which are downloadable individually or as a package, are: PsExec - execute processes remotely, PsFile - shows files opened remotely, PsGetSid - display the SID of a computer or a user, PsKill - kill processes by na ...
NetAnalysis will automatically rebuild HTML web pages from an extracted cache, automatically adding the correct location of the graphics allowing you to view the page as the suspect did. NetAnalysis also allows you to easily view JPEG and other pictures t ...
chkrootkit: shell script that checks system binaries for rootkit modification. 45 rootkits, worms and LKMs are currently detected. The following tests are made: aliens asp bindshell lkm rexedcs sniffer wted scalper slapper z2 amd basename biff chfn chsh ...
Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or ...
md5deep is a set of programs to compute MD5, SHA-1, SHA-256, Tiger, or Whirlpool message digests on an arbitrary number of files. md5deep is similar to the md5sum program found in the GNU Coreutils package, but has the following additional features: Re ...
PMDump is a tool that lets you dump the memory contents of a process to a file without stopping the process. This can be useful in a forensic investigation.
Ontrack PowerControls recovers individual mailboxes, messages and attachments without needing to restore the entire backup. Use the powerful search capability to rapidly find the items you need for eDiscovery and compliance. Versions for Exchange, ShareP ...
GNU Parted is a program for creating, destroying, resizing, checking and copying partitions, and the file systems on them. This is useful for creating space for new operating systems, reorganising disk usage, copying data between hard disks and disk imagi ...
mac-robber is a digital investigation tool that collects data from allocated files in a mounted file system. This is useful during incident response when analyzing a live system or when analyzing a dead system in a lab. The data can be used by the mactime ...
WinHex is in its core a universal hexadecimal editor, particularly helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security. An advanced tool for everyday and emergency use: inspect and edit all kinds of files, ...
IDA Pro as a disassembler is capable of creating maps of their execution to show the binary instructions that are actually executed by the processor in a symbolic representation (assembly language). Advanced techniques have been implemented into IDA Pro s ...
OllyDbg is a 32-bit assembler level analysing debugger for Microsoft Windows. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg is a shareware, but you can download and use it for free. Special hig ...
Safend Protector prevents internal/external data leakage by monitoring endpoint devices and data flow. Using granular and customizable security policies and rules, Protector automatically detects, permits and restricts files and encrypts media devices. Ve ...
AppSense Environment Manager provides consistent and contextual user environments across multiple application delivery mechanisms. With AppSense Environment Manager, IT can manage user profiles with minimal maintenance as well as provide users with some l ...
Becrypt have worked closely with the UK National Cyber Security Centre (NCSC) to support the enhanced security characteristics of NCSC’s Advanced Mobile Solutions program, resulting in the first MDM platform that can support dynamic Deep Packet Inspection ...
Intercept X Endpoint Features Endpoint Detection and Response (EDR)Automatically detect and prioritize potential threats and quickly see where to focus attention and know which machines may be impacted Extended Detection and Response (XDR)Go beyond the ...
Network VisibilityAutomatically detect, classify, profile and monitor rogue network devices and their security state. Endpoint ComplianceEndpoint security posture assessment; pre and post connection – 802.1x or non-802.1x. Guest ManagementAutomated, spo ...
NAP is one of the most desired and highly anticipated features of Microsoft® Windows® Server 2008. NAP is a new platform and solution that controls access to network resources based on a client computer’s identity and compliance with corporate governance ...
The LANenforcer 2024 and 2124 LAN Security Appliances transparently integrate into existing network infrastructures, sitting between existing switches at the access and distribution layers. The LANenforcer Appliance is an ideal solution for organizations ...