November 26th, 2014

Backtrack3 Final is out!

Time to get your download on! Backtrack3 is out, and ready for downloads. In addition to all of the normal goodies, it also comes with a trial version of SAINT (wow I haven’t seen that in a while), and the community edition of Maltego. Of course, you can also find wicrawl on there as well, :) .

New Open Source Forensics GUI

The guys over at Professional Security Testers recently posted about a new open source forensics tool named PTK. It’s an updated front end for sleuth kit, which could possibly replace the current interface, Autopsy, which has been getting pretty stale. Autopsy is pretty good, but I’ve found if you know what you’re looking for that the sleuth kit CLI and a couple scripts to automate case creation is often faster. PTK claims many improvements over autopsy:

* Indexing Engine
 - String Extracion
    o Allocated, Unallocated, Slack Space
    o Live Search
 - File Categorization
    o File signature analysis
        oFile extension mismatch
    - Auto Data Carving
        o Customizable file signature
    - Hash Set Manager

* Advanced Timeline
* Gallery View
* Advance Keyword Search
* Bookmarking Section
* Multi Investigator System
* Incident Response Mode

Looks pretty interesting. It doesn’t mention OSX support, but since TSK is supported on OSX, I’m hoping it will run there as well since it’s just a web interface. We used Autopsy and TSK a bit this weekend during CTF pre-quals, and an update is greatly appreciated. :)

PS — Recon, an entire convention focused on reverse engineering, is next weekend. If you can get to Montreal, you should check it out. It looks like there are a few interesting talks going on.

Imhotep theme designed by Chris Lin. Proudly powered by Wordpress.
XHTML | CSS | RSS | Comments RSS