CHFI Tools


Reset Administrator Password

Active@ Password Changer, Windows Recovery Bootdisk, Windows Password Recovery Lastic

Netcat

A network utility program that reads from and writes to network connections.

Wireshark

A popular packet sniffer.

Nbtstat

Allows viewing of information in the name resolution cache on a Windows machine

FTK Imager

Allows evidence from Physical Drive, Logical Drive, Image File, Contents of a Folder

Route Print

Allows viewing of the routing table

nbtstat -S

Analyze NetBIOS over TCP/IP activity

Write Blocker

Blocks modification of the source drive

net start / net stop

Built-in commands used to start and stop services locally

IExplorer

Can bypass iPhone passcodes

TSK & Autopsy

Data Recovery Tool

File Carving tool

Datalifter, OSForensics, Simple Carver Suite

Rapid Image 7020 X2 IT Hard drive duplicator

Designed to copy one "Master" hard drive to up to 19 "Target" hard drives

Data Acquisition Tools

DriveSpy, ProDiscover Forensics, AccessData FTK Imager, SafeBack, F-Response, DeepSpar

ProDiscover Basic, OSForensics, DataNumen (Outlook/Express), Paraben E-Mail Examiner, AccessData FTK, Fookes Aid4Mail (Outlook, Thunderbird, Eudora)

Email Recovery Tools

Bit-Stream disk-to-disk tools

EnCase, SafeBack, Norton Ghost, X-Ways Forensics

eventvwr.msc

Event Viewer command

Facebook Forensic Software

Facebook forensic analyzer

netstat -na

Finds unusual listeners on TCP or UDP ports

FRED system

Forensic Recovery of Evidence Device. Acquire data directly from IDE/EIDE/ATA/SATA/ATAPI/SAS/Firewire/USB hard drives and storage devices and save forensic image to Blu-Ray, DVD, CD, or hard drives

DeepSpar Disk Imager

Free Windows-based

AppleXsoft, Disk Doctors Mac Data Recovery, R-Studio, Data Rescue 4, Stellar Phoenix Mac Data Recovery, FileSalvage, 321Soft Data Recovery, Disk Drill for Mac, Mac Data Recovery Guru, Cisdem DataRecovery 3, File recovery in Linux

Full list of Mac Tools

Quick Recovery, Stellar Phoenix Windows Data Recovery, Total Recall, Advanced Disk Recovery, Windows Data Recovery Software, R-Studio, Orion File Recovery Software, Data Rescue PC, Smart Undeleter, DDR Professional Recovery Software, Data Recovery Pro, GetDataBack, UndeletePlus, File Scavenger, VirtualLab, Active UNDELETE, WinUnDelete, R-Undelete, Recover4all Professional, Recuva, Active File Recovery, Pandora Recovery, Ontrack EasyRecovery, Seagate File Recovery Software, Wise Data Recovery, Glary Undelete, Disk Drill, PhotoRec

Full list of Windows recovery tools

PC-3000 Data Extractor

Hardware and software suite for recovering flash-based storage

DD Tool

Linux command used to locate residual data

NET SESSION \\ComputerName

List sessions from a given machine

lusrmgr.msc

Local Users and Groups

IDA Pro

Malware analysis tool; can reverse machine code to assembly language

Process Monitor

Real-time monitoring tool for Windows

Netstat

Networking/protocol stack tool and function

JailBreaking apps

OneClick Root, Kingo Android Root, Towelroot, RescuRoot

PDF Password Recovery

PDF Password Recovery, PDF Password Genius, SmartKey, Tenorshare

PEview, PE Explorer or PEBrowse Professional

PE Analysis tools

iOS Jailbreaking apps

Pangu Jail Break, Redsn0w, Sn0wbreeze, GeekSn0w

Windows partition recovery tools

Partition Recovery, Acronis Recovery Expert, DiskInternals, GetDataBack, EaseUS, 7-Data

Bit-Stream disk-to-image tools

ProDiscover, EnCase, FTK, TSK, X-Ways, ILook

rtgen, winrtgen

Rainbow tables - System Hacking

DumpIT

RAM dump

Recuva

Recovers pictures, music, documents, videos, emails, or any other file type that has been lost. Can also recover from rewritable media like memory cards, external hard drives, USB, etc. Offers an Advanced Deep Scan mode that scours a drive to find any traces of files that have been deleted. Securely deletes files with a secure overwrite feature that meets military standards.

Registry tools

RegRipper, ProDiscover, RegEdit, RegScanner

MOBILedit

SIM Cloning - Logical acquisition

Oxygen Forensic Suite

SIM Cloning - Physical acquisition and file system acquisition

Paraben's Chat Stick

Searches for chat logs

net view (command)

Shows the computers on your immediate network, whether they operate as a workgroup or a domain.

LifeRaft's Navigator

Social intelligence platform

FreeZip

Tool for lossless compression

StuffIt

Tool for lossless compression

WinZip, PkZip

Tools for lossless compression

Deep Log Analyzer

Web analytics; small/medium websites. Analyzes website visitors' behavior and gets the complete website usage statistics in easy steps.

UltraBay 3d

Write blocker

net use

A TCP/IP command that connects or disconnects a computer from a shared resource or can display information about connections.

X1 Social Discovery

collect and search data from social networks and the internet

Passware Kit Forensic

Complete electronic evidence discovery solution; reports all password-protected items on a computer and gains access to these items using the fastest decryption and password recovery algorithms.

FileMerlin

converts word processing, spreadsheet, presentation and database files between a wide range of file formats.

DriveSpy

data acquisition and duplication

EnCase

Data collection forensic software; Guidance Software; civil/criminal investigations, etc.; forensic-quality recordings of data; recover insecurely deleted data; snapshots of RAM over time; special training required

Handy Recovery

data recovery software designed to restore files accidentally deleted from hard disks and memory cards.

R Studio

data recovery software. It can recover files from FAT12/16/32/exFAT, NTFS, NTFS5 (created or updated by Windows 10, 8, 7, 2000/XP/2003/Vista).

Paraben's StrongHold bags

designed to block out wireless signals from cell towers, wireless networks, and other signals

Disk Edit WinHex Hex Workshop

disk editor tools

HashMyFiles

for fingerprinting

Dependency Walker

links dynamically linked functions

Smartwhois

network information utility that allows you to look up all the available information about an IP address, hostname or domain, name of the network provider, administrator and technical support contact information.

PEiD

obfuscation methods

Regshot

registry compare utility that allows you to take a snapshot of your registry quickly and then compare it with a second one

Windows Password recovery bootdisk

reset a Windows admin password

Advanced Disk Recovery

scan entire system for deleted files and folders and recover them

Netlytic

social media analyzer

Xplico

An open source Network Forensic Analysis Tool (NFAT) used to extract the application data contained in an internet traffic capture. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on.

Undelete Plus

tool that can support large hard disks, and can recover documents even if Windows is reinstalled

DiskDigger

undeletes and recovers lost files from hard drives, memory cards, and USB flash drives.

FragFS

used to hide data within the NTFS Master File Table (MFT)

