RE: [Full-Disclosure] Break-in discovery and forensics tools
From: Golomb, Gary (GGolomb@enterasys.com)
From: "Golomb, Gary" <GGolomb@enterasys.com> To: "Schmehl, Paul L" <email@example.com>, <firstname.lastname@example.org> Date: Wed, 23 Apr 2003 12:51:50 -0400
> I've been tasked with putting together a CD of tools that can be used
> for analysis of hacked machines. These would be both tools that can
> determine if a program is trojaned or a file has been altered as well
> tools that could be used to save forensics data for possible
Talikser's network security tools website
(http://www.networkintrusion.co.uk/index.htm) has a list of such tools.
A list of 30-40 individual forensic-specific tools (or close to it) for
Windows and Unix can be found at:
Complete toolkits (bootable and otherwise) are at:
If any have been left off, let me know!
Full-Disclosure - We believe in it.