GCK's Cybercrime and Cyberforensics-related URLs
3 July 2017
Please direct any questions, comments, suggestions, etc. about this URL list to Gary Kessler.
General Information & Education Resources
Journals, Conferences, Papers
- Digital Forensic Research Workshop (DFRWS)
- Digital Investigation (print, but some articles online)
- International Journal of Digital Crime and Forensics
- International Journal of Digital Evidence (IJDE), an online quarterly journal
- International Journal of Electronic Security and Digital Forensics
- Journal of Digital Forensic Practice
- Journal of Digital Forensics, Security and Law
- Small Scale Digital Device Forensics Journal (SSDDFJ) (online)
- Digital Forensics Magazine
- Digital Forensic Investigator News (online)
- FBI Law Enforcement Bulletin
- Data2Know.com: Internet & Online Intelligence Newsletter (Hetherington Information Services)
- Checkmate, an Incident Response and Digital Forensics e-zine (NII Consulting)
- Law Technology News
- Digital Discovery & e-Evidence (Pike & Fischer)
- Forensic Science Communications, a quarterly forensic science journal published by the FBI Laboratory
- Law Enforcement Technology Magazine
- NIJ DOCUMENTS: Electronic Crime Scene Investigation: A Guide for First Responders, Second Edition (NCJ 219941) [ first edition (NCJ 187736)] | Forensic Examination of Digital Evidence: A Guide for Law Enforcement (NCJ 199408) | Investigations Involving the Internet and Computer Networks (NCJ 210798) | Digital Evidence in the Courtroom: A Guide for Law Enforcement and Prosecutors (NCJ 211314)
- "Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations" (DOJ) ( PDF (2009) | PDF (2002))
- "Good Practice Guide for Computer based Electronic Evidence" (Association of Chief Police Officers, U.K.)
- CERT First Responder Guides: First Responders Guide to Computer Forensics | First Responders Guide to Computer Forensics: Advanced Topics
- FBI "Handbook of Forensic Services", Computer Evidence Examinations
- "Best Practices For Seizing Electronic Evidence", V3 (U.S. Secret Service) [V2: HTML | PDF]
- SWGDE documents
- The Internet Engineering Task Force's "Guidelines for Evidence Collection and Archiving" (RFC 3227)
- "Law Enforcement Tools and Technologies for Investigating Cyber Attacks: A National Research and Development Agenda" (ISTS)
- "Know Your Enemy: A Forensic Analysis" and other papers
- "What is electronic evidence?" (Center for Computer Forensics)
- "An Introduction to the Field Guide for Investigating Computer Crime" (T.E. Wright)
- "How the FBI investigates computer crimes"
- "Tracking a Computer Hacker" (D.A. Morris) | "Criminal Profiling, Computers, and the Internet" (E. Casey)
- SECURE DISK WIPING: "Secure Deletion of Data from Magnetic and Solid-State Memory" [alt.] (P. Gutmann) | "The Difficulty of Data Annihilation from Disk Drives: or Exnihilation Made Easy" (D. Devera) | "Can Intelligence Agencies Read Overwritten Data? A response to Gutmann" (D. Feenberg) | Guidelines for Media Sanitization (NIST Special Publication 800-88)
- "Recovering Unrecoverable Data: The Need for Drive-Independent Recovery" (C.H. Sobey)
- "Evaluating Commercial Counter-Forensic Tools" (M. Geiger)
- General forensics: Crime & Clues: The Art and Science of Criminal Investigation | Crime Scene Investigation
- Subscribe to DCCI Dispatch
- Future Crimes: Anticipating Tomorrow's Crimes Today
- BLOGS: ComputerForensicsDigest.com (Fred Lane) | A Fistful of Dongles (Eric Huber) | ForensicDev (Martin Siefert) | BitSec Forensics Blog (Mike Webber) | Lance Mueller's Forensics Blog (includes EnScript tutorials!) | Forensic 4cast | exforensics (Larry Daniel/Guardian Digital Forensics) | int for(ensik){blog;} (Andreas Schuster & Mathieu Suiche) | Windows Incident Response (Harlan Carvey) | Volatile memory analysis research (Volatility) | A Geek Raised by Wolves (Jesse Kornblum) | Marc Rogers (Purdue University) | CyberSpeak's Podcast | SANS Computer Forensics Blog | Forensic Computing blog | Forensic Incident Response | PC-Eye (Digital Forensics) | Forensic Focus Blog | Solid Forensics Blog
- TWEETS (ok, I don't twitter but other people do... here are some ones possibly worth following...):
- Digital Forensics: @keydet89 (Harlan Carvey & Windows Forensics) | @Forensically (FS Labs - ForensicallySpeaking) | @AccessDataGroup (AccessData) | @sansforensics (SANS Forensics) | @EnCase (EnCase) | @Techpathways (Technology Pathways) | @forensickb (ForensicKB.com) | @DigitalDetectiv (Digital Detective.co.uk) | @sandersonforens (Paul Sanderson) | @forensikblog (Andreas Schuster) | @ericrobi (Eric Robi) | @CyberCrime101 (Joe Garcia) | @DFMag (Digital Forensics Magazine)
- Pen-testing, ethical hacking, and other info security: @schneierblog (Schneier Blog) | @briankrebs (Brian Krebs) | @taosecurity (Richard Bejtlich) | @DCITA (US Defense Cyber Investigations Training Academy) | @opexxx (Alexander Knorr) | @wimremes (Wim Remes) | @danchodanchev (Dancho Danchev) | @jeremiahg (Jeremiah Grossman) | @InternetLaw (InternetLaw) | @edskoudis (Ed Skoudis) | @drericcole (Eric Cole) | @DaveMarcus (Dave Marcus) | @hdmoore (HD Moore (Rapid 7, Metasploit)) | @mikkohypponen (Mikko H. Hypponen) | @OComputing (Offensive Computing)
Computer Crime, Cybercrime, & Legal Issues
Online Safety
Computer Forensics
Computer Forensics Tools
- Python Forensics: Innovative solutions for digital investigation (Chet Hosmer)
- FREE TOOLS: Free computer forensic tools; a list by Forensic Control of 125+ free tools for Disk tools and data capture, Email analysis, File and data analysis, Mac OS, Mobile devices, File viewers, Internet analysis, Registry analysis, and more | Sleuth Kit and Autopsy | MiTeC, a slew of nice utility tools (Windows Registry Recovery, Windows File Analyzer, Internet History Browser, E-mail History Browser, Instant Messaging History Browser, and more...) || Free tools from Mandiant, including memory forensics, malware analysis, and Web history file analysis | Many utilities from WoanWare, including prefetch, lnk file analysis, USB analysis, browser (FF, Opera, Chrome) extraction, and more | Tools from EviGator, including ClockSmith, GPS tag viewer, and plist viewer | Brian Carrier's Open Source Digital Forensics page (Bootable Environments, Data Acquisition, Media Management, File System, and Application tools)
- LINUX FORENSICS BOOT DISKS: SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3.0 | Paladin (Sumuri) | SMART Linux | Digital Evidence Forensic Toolkit (DEFT) Linux (Computer Forensics live cd) | Helix | CAINE (Computer Aided INvestigative Environment) | Kali Linux (formerly BackTrack) | Knoppix STD (Security Tools Distribution) [old] | Penguin Sleuth [old]
- COMPUTER FORENSICS TOOLS: dtSearch text finding tool | EnCase (Guidance Software) | AccessData (Forensic Toolkit (FTK), SecureClean, WipeDrive, and password recovery) | Maresware Suite (Mares & Co.) | ProDiscover (Technology Pathways) | Digital Intelligence, Inc. | Paraben Forensic Tools | ILook Investigator (Law Enforcement only) | Forensic Acquisition Utilities (G.M. Garner) [Alt. link] | 10-23 On-Scene Investigator || Network Intrusion's list of forensics tools and forensics toolkits | Windows Forensic Toolchest (WFT) | fbi (E-mail and data forensics software) | KnTTools | Machor Software (Win Forensic Analysis, Firefox Forensics, Google Chrome Forensics)
- VIRTUAL VIEW OF COMPUTER IMAGE: Live View (CERT) | raw2vmdk
- National Software Reference Library (NSRL) Project (NIST)
- TUCOFS - The Ultimate Collection of Forensic Software
- FILE CARVING: Simple Carver Suite (Tim Coakley) [Tim's free tools] | DataLifter | Scalpel: A Frugal, High Performance File Carver | Photorec, digital picture recovery | Recover My Files | "Measuring and Improving the Quality of File Carving Methods" (Kloet, 2007)
- Online conversion utilities (Number base converter, date/time conversion, integer/IPv4 address conversion, string hash, XOR/ADD stream encryption)
- Hiren's BootCD (partition, disk clone, recovery, testing, hard disk, system info, MBR, BIOS/CMOS, password, file system, and other tools)
- CERT Forensics tools (including LE-only tools)
- COMPUTER FORENSICS HARDWARE: Intelligent Computer Solutions | Digital Intelligence, Inc. | wiebeTECH | Data Forensics Engineering | Forensic Computers || iFixit manuals for Macs and iPods
- KEYSTROKE LOGGERS: Keylogger.org | KEYKatcher | KeyGhost | Blazing Tools Software Perfect Keylogger || Anti-Keylogger
- GCK'S PAPERS: List of File Signatures (includes pointers to magic numbers, file extension pages, and graphics file formats) | The BASE64 and BASE32 Alphabets | ASCII Decimal and Hexadecimal Conversion Table
HASH SETS: HashKeeper (DOJ) | National Software Reference Library | Mares Hash Set CD
PARSING TOOLS: GCK's boot sector, MBR, MFT, FAT directory, INFO2, and other parsers | Many parsing tools from Red Wolf (include Gmail, folder, Skype logs, Recycle bin, and more...)
"List of Known Spyware" (unconfirmed list) | SpyArsenal.com
Sysinternals Windows and Linux internals software
File and data recovery software
Karen's Power Tools
BROWSER TOOLS: firefoxforensics | Karen's Cookie Viewer | Computer History Viewer (Elongsoft) | IE History View (NirSoft) | Web Cache Illuminator (Northstar Solutions) | Protected Storage PassView (NirSoft) | FireFox Forensics (Machor) | FoxAnalysis | ChromeAnalysis
RAM ANALYSIS: "The Acquisition and Analysis of Random Access Memory" (Vidas, JDFP, 1(4), Dec. 2006) || Windows 2000 memory parser (Carvey) | The Volatility Framework | Intel(R) Regimented Potential Incident Examination Report (RPIER) | memparser (DFRWS 2005) | Memory DD (MDD, ManTech) | Memoryze (Mandiant) | DumpIt (DumpIt download) | HBGary Responder and Fast Dump and more | F-Response | BinText | KnTTools | PyFlag | Interrogate: POC to identify crypto keys in RAM || Key Extraction (Brian Kaplan)
REGISTRY: Registry Ripper (Carvey) | Regshot (before and after registry comparison) | ERUNT (The Emergency Recovery Utility NT)
Dan Mares' Forensic Software Sources plus another list: A-C, D-F, G-K, L-O, P-S, T-Z
ANTI-FORENSICS: Network Intrusion's list of antiforensic tools | Metasploit Anti-forensics site (including Metasploit Anti-Forensic Investigation Arsenal (MAFIA)) | Plausible Deniability ToolKit | Detect and Eliminate Computer Assisted Forensics (DECAF) || "How Online Criminals Make Themselves Tough to Find, Near Impossible to Nab" (S. Berinato) | "'Dementia' Wipes Out Attacker Footprints In Memory"
WEB SITE DOWNLOAD: Web Page Saver (WPS) | HTTrack || See also Sam Spade software!
UNIX/LINUX: THE FARMER'S BOOT CD (FBCD) (see also manual) | BackTrack | Linux-Forensics.com (Penguin Sleuth) | The Coroner's Toolkit (TCT), from Dan Farmer and Wietse Venema, a toolkit for incident response/forensic analysis of Unix systems | "Freeware Forensics Tools for Unix" (D. Cheng) | "Basic Steps in Forensic Analysis of Unix Systems" (D. Dittrich) | Bill Stearns' CD of statically linked forensics tools | Forensics Incident Response Environment - F.I.R.E. (Melior, Inc. & DMZS FIRE CD) | Open Source UNIX Forensics Tools
WHOLE-DISK ENCRYPTION DETECTION: ZeroView | Encrypted Disk Detector (EDD)
MALICIOUS DOCUMENTS: "Analyzing Malicious Documents Cheat Sheet" (L. Zeltser) | "Dissecting a Malicious Word Document" (Kahu Security)
NOVELL: Captain Nemo - Multi Platform File Manager
MAC OS: The Apple Examiner | Ultimate Guide to Mac OS Forensics | Mac Forensics | BlackBag Macintosh Forensic Software | SubRosaSoft MacForensicsLab | HackMac.org || "FireWire Target Disk Mode Guidelines" (BlackBag Technologies) || Lion (MacOS X 10.7) artifacts
Tech Assist Forensics & Security Tools | "File Vault Imaging: Apple's Dirty Little Secrets" (Zdziarski)
MAC TIME ALTERATION (WINDOWS): PropertiesPlus | FileTime (VB) | AttributeMagic Pro | febooti fileTweak | ShellToys Change Date & Time | FAQ about PC clocks
TIMESTAMPS: "A brief history of timestamps" (Sanderson Forensics) | DCode and additional timestamp information
Removing/accessing the hard drive from a variety of devices (Sanderson Forensics)
Wotsit's Format (file format information on hundreds of different file types)
Forensic Acquisition Utilities (Windows versions of dd, md5sum, netcat, and more!)
RDA - Remote Data Acquisition utility
Protected Storage Explorer
Default Password List
Forensic and Log Analysis GUI (FLAG) | PyFlag (FLAG ported to Python)
md5deep (cross-platform program to compute MD5 digests on an arbitrary number of files)
Silent Runners (VBS script to identify programs that start up with Windows)
Steganography detection: WetStone Technologies | OutGuess | SpyHunter stego page
EXIF data extraction: ExifTool by Phil Harvey (Allows reading, writing, and editing of metadata in many file types; Windows and Mac versions) | exiftags utility | EXIF-O-Matic | Exifer for Windows | jhead | metadata extractor (Java) [D. Noakes] | "Exchangeable Image file Format (ExIF)" (C. Brown) | (While on the topic of JPEG, see JPG Degradation over Successive Saves)
REGISTRY: "Forensic Analysis of the Windows Registry"
METADATA: Metadata Assistant for Word, Excel and PowerPoint (Payne) | Open Office Metadata Extractor | FOCA | Digital photos as evidence (Hodges)
IMAGES: TinEye, reverse image search engine
"Evidentiary Value of Link Files" (Weilbacher)
Windows Forensics and Incident Recovery site and Forensic Server Project (Carvey)
CASE TIMELINE/VISUALIZATION TOOLS: i2 Analyst's Notebook, visual investigative analysis software | CaseAnalysis (CaseMap, TimeMap)
COMPUTER FORENSICS & VISUALIZATION: "Visual Computer Forensic Analysis" (K. Jones) | rumint
HARDWARE INFORMATION: pc-hardware-faq/enhanced-IDE | Hard Disk Drives (from The PC Guide) | DEW Associates Corporation Knowledge Center (articles on ACPI-compliant BIOS, CMOS, firmware, virtual memory, motherboards, and hard drives) | SCSI Storage Interfaces (T10 Technical Comm.) | ATA drives (T13 Technical Comm.)
FILE SYSTEMS: "FAT (File Allocation Table) File System Tutorial" (Seamons) | "FAT: General Overview of On-Disk Format" (Microsoft) | "Microsoft Extensible Firmware Initiative, FAT32 File System Specification, FAT: General Overview of On-Disk Format" (Microsoft) | "NTFS file system" (Mikhailov) | "NTFS Documentation" (Russon & Fledel) | "The EXT2 File System" (The Linux Tutorial site) | Apple Computer Technical Note TN1150, "HFS Plus Volume Format" || File system (Wikipedia) | Comparison of file systems (Wikipedia)
Video Previewer (Tim Coakley)
MAGNETIC FORCE MICROSCOPY (MFM): MFM overview | "Magnetic Force Microscopy (MFM)" (Alexeev & Popkov) | Magnetic Resonance Force Microscopy (IBM Almaden Research Center), w/ MPEG animation | Scanning Probe Microscopy | "Scanning Probe Microscopy (SPM)" (J.W. Cross)
SOLID-STATE/USB DEVICES: "Solid State Drives and Data Recovery" | "USB Key Analysis vs. USB Drive Enclosure Analysis" (Rob Lee) | "Updated: Computer Forensic Guide To Profiling USB Thumbdrives on Win7, Vista, and XP"
DISK WIPING SOFTWARE: Wipe Free Space | Darik's Boot and Nuke (DBAN) | BCWipe | Eraser
CD Emulator (open source)
See also GCK's pointers to crypto/stego tools and passwords crackers/hacker tools.
Mobile Device Forensics
- P3: Purdue Phone Phorensics Knowledge Base
- Mobile Forensics World Conference site (Videos from 2008, including GCK's video)
- The Computer Forensic Reference Data Sets (CFReDS) Project (NIST) -- Mobile phone data
- e-evidence info: Cellular/Mobile Phone Forensics papers and pointers
- AntennaSearch.com
- CELL PHONE TECHNOLOGY: GSM World | CDMA World Forum
- MOBILE PHONE ANALYSIS: "Cell Phone Forensic Tools: An Overview and Analysis" (NIST IR 7250) | "Cell Phone Forensic Tools: An Overview and Analysis Update" (NIST IR 7387) | "Mobile Forensic Reference Materials: A Methodology and Reification" (NIST IR 7617) | "Guidelines on Cell Phone Forensics" (NIST SP 800-101) | "Forensic Examination of a RIM (BlackBerry) Wireless Device" (M.W. Burnette) | Creating a Cell Phone Investigation Toolkit: Basic Hardware and Software Specifications (SEARCH) | SEARCHinvestigative toolbar | phone scoop | Carrier info from NANPA | FCC Antenna Structure Registration site | FoneFinder | Mobile Forensics Central ( TEELtechnologies) | e-evidence.info pointers... | PhoneNews.com | Forensics Telecommunications Services (FTS) | Phone-Forensics portal
- MOBILE PHONE EXAMINATION PRODUCTS: Santoku-Linux (A bootable Linux environment to make life easier) | BitPim (CDMA) | CelleBrite (Cellebrite UFED YouTube Channel) | Micro Systemation .XRY/.XACT | Oxygen Forensic Suite | Paraben | MOBILedit! | SIMCon | Susteen DataPilot | Cell Phone Analyzer | SmartMoto/Smart-Clip | BKFORENSICS | Fernico ZRT (camera/software) | CDMA Software | ESN Converter tool
- Cell Phone Erasure instructions
- GSM 11.11 specification (SIM card)
- PDA ANALYSIS: NIST IR 7100: "PDA Forensic Tools: An Overview and Analysis" (August 2004) | NIST SP 800-72: "Guidelines on PDA Forensics" | "iPod Forensics" (Marsico & Rogers) | "iPod Forensics Update" (Kiley, Shinbara, & Rogers) | DVD Forum || pilot-link (Linux<->PalmOS) | Palm OS Emulator (POSE) | Palm dd (pdd) | ABC Amber BlackBerry Converter
- SMS: "SMS and the PDU Format" | "Understanding SMS" (Harrington) || SMS tools (for GSM Phones)
- Nokia secret codes
- MOTOROLA-RELATED: OpenEZX: Motorola EZX GSM phone wiki | Motorola-Tools.com
- iPHONE: iPHONE INSECURITY (J. Zdziarski) [See also Waterboard: Advanced Forensic Logical Acquisition for iOS Devices] | The Apple Examiner | iphone-dataprotection | iPhones | iPhone Forensics Centre | Mobilyze (Black Bag) | iPhone Analyzer (SourceForge) | Katana Forensics | SpyCalc, hide videos, programs, and more on an iPhone or iPod || theiphonewiki
- Canon Hacker's Development Kit
- ANDROID OS: Android Forensics (viaForensics) [open source forensics application | viaForensics' Wiki] | "Five Great Reasons to Root Your Android Phone" | Open Source Android Forensics Toolkit
- Eoghan Casey on physical analysis of cell phones
- GPS: GPSForensics.org | Forensics Wiki | TomTom devices (Forensic Focus) | Paraben | GPSBabel (Free software for GPS data conversion and transfer)
- GPS TOOLS: GPS Coordinate Converter, Maps and Info | Degrees, Minutes, Seconds and Decimal Degrees Latitude/Longitude Conversions (FCC) | Opanda IExif viewer (excellent GPS conversion)
- CrashCube Project, extracting crash data from automobiles (EU)
- MOBILE PHONE SPOOFING (see CALLER ID SPOOFING, below)
- BLOGS: Mobile Device Forensics (Michael Harrington)
- IMEI DATABASES: IMEI Number Lookup | IMEI.info | Jeevan's IMEI analyser v1.6 | nobbi.com Database of Manufacturer, Model and TAC
- CELL SITE ANALYSIS: Pinging Cell Phone Location and Understanding Cell Tower Information (Willingham, B.) | Litigators Guide to Simplified Cellular Carrier Cell Site Working Range Estimation Issues (John Minor) | "The Limitations and Admissibility of Using Historical Cellular Site Data to Track the Location of a Cellular Phone" [Blank, A., Richmond Journal of Law & Technology, 18(1)] | "Cell Tower Victories" [Cherry M., et al., 2011]
Network Forensics
| NEMX || "Understanding E-mail" (NDAA) | "The ECPA, ISPs & Obtaining E-mail" (NDAA) | "How to View Email Headers" (SEARCH) | "CSI: Lost e-mails" (S. Ulfelder, Network World, 9/2003) | Yahoo! Messenger Archive Decoder | "Tracking E-mail" (G.E. Boyd)
INSTANT MESSAGING AND CHATTING: "A study of Internet instant messaging and chat protocols" (IEEE Network) || Yahoo! Messenger Protocol (Wiki) | Yahoo Messenger Protocol (Venky's World) | Yahoo Protocol Tutorial | Yahoo Messenger Protocol v9 | YMSG Packet Types | AIM/OSCAR Protocol (Wiki) | GAIM protocols | MSN Messenger Protocol page | Msn Messenger Protocol (Venky's World)
Geobytes IP Address Locator Tool (pretty good, usually)
Infobin Information Services ISP Contact List
SOCIAL NETWORKS: Facebook JPG Finder (FJF) | Fchat | Facebook Chat Forensics
CALLER ID SPOOFING: Telespoof | SpoofCard | Star38.com (stealth telecom) | trapcall (Unmask blocked CallerID) || "CID/ANI spoofing on VoIP using Asterisk" | "VoIP hacks gut Caller I.D." (K. Poulsen, July 2004)
TELEPHONE SEARCH SITES: AnyWho | Switchboard Internet Yellow Pages and White Pages (and maps!) | Phonebooks.com (International) | Canada411 | fonefind.com | FoneFinder
Family Watchdog (National Sex Offender Registry)
ONLINE CHAT TERMS AND VERNACULAR: English internet slang (Wiktionary) | Sharpened Glossary | NetLingo List of Internet Acronyms & Text Message Jargon | Chat, E-Mail, Web, and chat room slang and acronyms | Slang list from NCMEC (PDF) | "A Parents Guide to Internet Lingo" (SpectorSoft) (PDF)
Chat site, text messaging, etc. lingo | Chat Abbreviations
PEOPLE SEARCHES: Pipl | freeality.com Internet Search Engines | skipease The People Search Network (skiptracing) | Veromi: The Trusted Information Source | DOCUSEARCH | NetDetective | NETR Real Estate Information and Public Records Research | ZabaSearch | Spock People Search | spokeo | MyLife people search | SearchBug (includes people search by address) | WhitePages.com (includes reverse lookups) | Directory Assistance plus | zoominfo | SearchSystems.net public records directory | l.e.a.d.s.online | Entersect Corp. | peoplefinders | intellus.com | INTELIUS | GorillaTrace - Metasearch for Investigative Professionals
ONLINE PRESENCE: Google BlogSearch | Snitch.Name
Ziggs, a site that allows a person to be notified when someone Googles them -- and to find out who was Googling!
SOCIAL SECURITY NUMBERS: SSN Verification (SSA.gov) | SSN validation software (Maresware)
SATELLITE PICTURES: TerraFly (Java) | TerraServer | TerraServer-USA | Google maps
SOCIAL NETWORKS: Social network analysis | PieSpy Social Network Bot | Snitch.Name | YoName
BOT NETS: "Know your Enemy: Tracking Botnets" (Honeynet Project) | "Botnets as a Vehicle for Online Crime" (CERT) | "An Inside Look at Botnets" | "Attack of the Bots" (WIRED, 14.11, Nov. 2006) || ZeuS Tracker
Online Investigator's Handbook
WIFI GEOLOCATION: Windows Incident Response blog (9/27/2009) | Skyhook WiFi Geolocation
MoocherHunter, mobile tracking software tool (LE version available)
VoIP/SKYPE: Paraben Chat Examiner | Red Wolf Skype parser || Skypeex (Extract Skype chats from a RAM dump)
INTEL GATHERING ON THE INTERNET: Automating OSINT (Seitz)
Electronic Discovery
Terrorism-Related Issues/Investigations